Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/923834?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "type": "deb", "namespace": "debian", "name": "golang-1.19", "version": "0", "qualifiers": { "distro": "bookworm" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.19~rc1-1", "latest_non_vulnerable_version": "1.19.8-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64344?format=api", "vulnerability_id": "VCID-6a6z-bq7m-c3gf", "summary": "crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05245", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05749", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05741", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05894", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08498", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09868", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.0979", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10025", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09998", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10037", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09952", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09915", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27138" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445344", "reference_id": "2445344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445344" }, { "reference_url": "https://go.dev/cl/752183", "reference_id": "752183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://go.dev/cl/752183" }, { "reference_url": "https://go.dev/issue/77953", "reference_id": "77953", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://go.dev/issue/77953" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4600", "reference_id": "GO-2026-4600", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4600" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-27138" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64686?format=api", "vulnerability_id": "VCID-6rkv-zkwa-mqhf", "summary": "os: os: Information disclosure via path traversal using specially crafted filenames", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22873", "reference_id": "", "reference_type": "", "scores": [ { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.0013", "published_at": "2026-05-14T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00102", "published_at": "2026-04-12T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00133", "published_at": "2026-04-18T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00132", "published_at": "2026-05-07T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00136", "published_at": "2026-04-26T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00134", "published_at": "2026-04-29T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00131", "published_at": "2026-05-09T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00129", "published_at": "2026-05-12T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00148", "published_at": "2026-04-04T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00178", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22873" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104816", "reference_id": "1104816", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104816" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436992", "reference_id": "2436992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436992" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ", "reference_id": "5WDxKizJAQAJ", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/UZoIkUT367A/m/5WDxKizJAQAJ" }, { "reference_url": "https://go.dev/cl/670036", "reference_id": "670036", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://go.dev/cl/670036" }, { "reference_url": "https://go.dev/issue/73555", "reference_id": "73555", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://go.dev/issue/73555" }, { "reference_url": "https://security.archlinux.org/ASA-202505-12", "reference_id": "ASA-202505-12", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202505-12" }, { "reference_url": "https://security.archlinux.org/AVG-2878", "reference_id": "AVG-2878", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2878" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4403", "reference_id": "GO-2026-4403", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-05T15:03:11Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4403" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-22873" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rkv-zkwa-mqhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350604?format=api", "vulnerability_id": "VCID-gtys-5r5h-p7ht", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01399", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.0139", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01393", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.014", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01409", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01404", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01216", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01389", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01708", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01703", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01694", "published_at": "2026-05-12T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00211", "published_at": "2026-04-13T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00276", "published_at": "2026-04-08T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00274", "published_at": "2026-04-09T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00967", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU", "reference_id": "0uYbvbPZRWU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335", "reference_id": "2456335", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335" }, { "reference_url": "https://go.dev/cl/763763", "reference_id": "763763", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://go.dev/cl/763763" }, { "reference_url": "https://go.dev/issue/78332", "reference_id": "78332", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://go.dev/issue/78332" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4866", "reference_id": "GO-2026-4866", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10155", "reference_id": "RHSA-2026:10155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11330", "reference_id": "RHSA-2026:11330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13791", "reference_id": "RHSA-2026:13791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14391", "reference_id": "RHSA-2026:14391", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14391" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-33810" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtys-5r5h-p7ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/258004?format=api", "vulnerability_id": "VCID-h2xu-3fm4-hkap", "summary": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24787", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86062", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85916", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.8591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85928", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85933", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85924", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85945", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85954", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85974", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85996", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86014", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86011", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.86024", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85871", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85894", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02711", "scoring_system": "epss", "scoring_elements": "0.85904", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24787" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/08/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/08/3" }, { "reference_url": "https://go.dev/cl/583815", "reference_id": "583815", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://go.dev/cl/583815" }, { "reference_url": "https://go.dev/issue/67119", "reference_id": "67119", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://go.dev/issue/67119" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2825", "reference_id": "GO-2024-2825", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2825" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240531-0006/", "reference_id": "ntap-20240531-0006", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240531-0006/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0", "reference_id": "wkkO4P9stm0", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T14:49:29Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-24787" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h2xu-3fm4-hkap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/357445?format=api", "vulnerability_id": "VCID-hzsm-8a8e-xyeu", "summary": "The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04714", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04706", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04717", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05555", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-39836" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/775320", "reference_id": "775320", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://go.dev/cl/775320" }, { "reference_url": "https://go.dev/issue/79006", "reference_id": "79006", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://go.dev/issue/79006" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4971", "reference_id": "GO-2026-4971", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4971" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M", "reference_id": "qcCIEXso47M", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-39836" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hzsm-8a8e-xyeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69448?format=api", "vulnerability_id": "VCID-jsz8-cdt5-27f6", "summary": "crypto/x509: Usage of ExtKeyUsageAny disables policy validation in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06899", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06949", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22653", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22742", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22539", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22531", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22529", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22433", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22516", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22595", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22561", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22576", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22676", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22752", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22803", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22747", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22874" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364", "reference_id": "1107364", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107364" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320", "reference_id": "2372320", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372320" }, { "reference_url": "https://go.dev/cl/670375", "reference_id": "670375", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://go.dev/cl/670375" }, { "reference_url": "https://go.dev/issue/73612", "reference_id": "73612", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://go.dev/issue/73612" }, { "reference_url": "https://security.archlinux.org/ASA-202506-4", "reference_id": "ASA-202506-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202506-4" }, { "reference_url": "https://security.archlinux.org/AVG-2896", "reference_id": "AVG-2896", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2896" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3749", "reference_id": "GO-2025-3749", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10676", "reference_id": "RHSA-2025:10676", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10676" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10677", "reference_id": "RHSA-2025:10677", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10677" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13931", "reference_id": "RHSA-2025:13931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13932", "reference_id": "RHSA-2025:13932", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13932" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14470", "reference_id": "RHSA-2025:14470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14472", "reference_id": "RHSA-2025:14472", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14473", "reference_id": "RHSA-2025:14473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14476", "reference_id": "RHSA-2025:14476", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14476" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14479", "reference_id": "RHSA-2025:14479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14481", "reference_id": "RHSA-2025:14481", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14484", "reference_id": "RHSA-2025:14484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17043", "reference_id": "RHSA-2025:17043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17730", "reference_id": "RHSA-2025:17730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:17731", "reference_id": "RHSA-2025:17731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:17731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19003", "reference_id": "RHSA-2025:19003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19890", "reference_id": "RHSA-2025:19890", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:19890" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "reference_id": "ufZ8WpEsA3A", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:45:40Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-22874" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jsz8-cdt5-27f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67452?format=api", "vulnerability_id": "VCID-kjf2-r6zt-zqg9", "summary": "net/http: CrossOriginProtection bypass in net/http", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47910.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47910.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01529", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.012", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01194", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01186", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01549", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01536", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.0153", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01523", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01521", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01518", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01195", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.0174", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01641", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01734", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02183", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47910" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116341", "reference_id": "1116341", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116341" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397528", "reference_id": "2397528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397528" }, { "reference_url": "https://go.dev/cl/699275", "reference_id": "699275", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://go.dev/cl/699275" }, { "reference_url": "https://go.dev/issue/75054", "reference_id": "75054", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://go.dev/issue/75054" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ", "reference_id": "DJhMQ-m5AQAJ", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3955", "reference_id": "GO-2025-3955", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7291", "reference_id": "RHSA-2026:7291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7291" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-47910" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjf2-r6zt-zqg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71945?format=api", "vulnerability_id": "VCID-nwsd-53hk-ffhr", "summary": "crypto/x509: ParsePKCS1PrivateKey panic with partial keys in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22321", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22214", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22201", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22193", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22088", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22168", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22247", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22216", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22239", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22421", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22475", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22453", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22416", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22414", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-22865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342464", "reference_id": "2342464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2342464" }, { "reference_url": "https://go.dev/cl/643098", "reference_id": "643098", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://go.dev/cl/643098" }, { "reference_url": "https://go.dev/issue/71216", "reference_id": "71216", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://go.dev/issue/71216" }, { "reference_url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ", "reference_id": "bk9LAa-lCgAJ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3421", "reference_id": "GO-2025-3421", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-28T14:58:11Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11749", "reference_id": "RHSA-2025:11749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:11889", "reference_id": "RHSA-2025:11889", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:11889" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-22865" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwsd-53hk-ffhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64346?format=api", "vulnerability_id": "VCID-pcez-y67t-8yg3", "summary": "net/url: Incorrect parsing of IPv6 host literals in net/url", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08768", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09802", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09743", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09793", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09771", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0964", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09612", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13678", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15881", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15853", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15964", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16065", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16041", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16074", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16017", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.15973", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16013", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25679" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356", "reference_id": "2445356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356" }, { "reference_url": "https://go.dev/cl/752180", "reference_id": "752180", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://go.dev/cl/752180" }, { "reference_url": "https://go.dev/issue/77578", "reference_id": "77578", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://go.dev/issue/77578" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4601", "reference_id": "GO-2026-4601", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10065", "reference_id": "RHSA-2026:10065", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10065" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10125", "reference_id": "RHSA-2026:10125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10133", "reference_id": "RHSA-2026:10133", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10133" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10140", "reference_id": "RHSA-2026:10140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10141", "reference_id": "RHSA-2026:10141", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10169", "reference_id": "RHSA-2026:10169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10175", "reference_id": "RHSA-2026:10175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10225", "reference_id": "RHSA-2026:10225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10250", "reference_id": "RHSA-2026:10250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10701", "reference_id": "RHSA-2026:10701", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10701" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10712", "reference_id": "RHSA-2026:10712", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10929", "reference_id": "RHSA-2026:10929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11217", "reference_id": "RHSA-2026:11217", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11217" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11375", "reference_id": "RHSA-2026:11375", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11412", "reference_id": "RHSA-2026:11412", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11412" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11413", "reference_id": "RHSA-2026:11413", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11413" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11686", "reference_id": "RHSA-2026:11686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11686" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11688", "reference_id": "RHSA-2026:11688", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11747", "reference_id": "RHSA-2026:11747", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11747" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11749", "reference_id": "RHSA-2026:11749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11768", "reference_id": "RHSA-2026:11768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11800", "reference_id": "RHSA-2026:11800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11856", "reference_id": "RHSA-2026:11856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11916", "reference_id": "RHSA-2026:11916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11996", "reference_id": "RHSA-2026:11996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12028", "reference_id": "RHSA-2026:12028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12029", "reference_id": "RHSA-2026:12029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12030", "reference_id": "RHSA-2026:12030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12031", "reference_id": "RHSA-2026:12031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12032", "reference_id": "RHSA-2026:12032", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12032" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12033", "reference_id": "RHSA-2026:12033", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:12282", "reference_id": "RHSA-2026:12282", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:12282" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13508", "reference_id": "RHSA-2026:13508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13512", "reference_id": "RHSA-2026:13512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13642", "reference_id": "RHSA-2026:13642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13643", "reference_id": "RHSA-2026:13643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13643" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13671", "reference_id": "RHSA-2026:13671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13791", "reference_id": "RHSA-2026:13791", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14020", "reference_id": "RHSA-2026:14020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14100", "reference_id": "RHSA-2026:14100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14774", "reference_id": "RHSA-2026:14774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14868", "reference_id": "RHSA-2026:14868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14879", "reference_id": "RHSA-2026:14879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:15091", "reference_id": "RHSA-2026:15091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:15091" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16102", "reference_id": "RHSA-2026:16102", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16102" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16696", "reference_id": "RHSA-2026:16696", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16696" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16874", "reference_id": "RHSA-2026:16874", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:16875", "reference_id": "RHSA-2026:16875", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:16875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17040", "reference_id": "RHSA-2026:17040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17084", "reference_id": "RHSA-2026:17084", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17084" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:17287", "reference_id": "RHSA-2026:17287", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:17287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5110", "reference_id": "RHSA-2026:5110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5549", "reference_id": "RHSA-2026:5549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5941", "reference_id": "RHSA-2026:5941", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5941" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5942", "reference_id": "RHSA-2026:5942", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5942" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5943", "reference_id": "RHSA-2026:5943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5944", "reference_id": "RHSA-2026:5944", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5944" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6341", "reference_id": "RHSA-2026:6341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6344", "reference_id": "RHSA-2026:6344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6382", "reference_id": "RHSA-2026:6382", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6382" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6383", "reference_id": "RHSA-2026:6383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6388", "reference_id": "RHSA-2026:6388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6564", "reference_id": "RHSA-2026:6564", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6564" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6720", "reference_id": "RHSA-2026:6720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6802", "reference_id": "RHSA-2026:6802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6949", "reference_id": "RHSA-2026:6949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7005", "reference_id": "RHSA-2026:7005", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7005" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7009", "reference_id": "RHSA-2026:7009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7011", "reference_id": "RHSA-2026:7011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7259", "reference_id": "RHSA-2026:7259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7315", "reference_id": "RHSA-2026:7315", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7315" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7328", "reference_id": "RHSA-2026:7328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7665", "reference_id": "RHSA-2026:7665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7669", "reference_id": "RHSA-2026:7669", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7669" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7674", "reference_id": "RHSA-2026:7674", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7833", "reference_id": "RHSA-2026:7833", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7833" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7834", "reference_id": "RHSA-2026:7834", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7876", "reference_id": "RHSA-2026:7876", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7877", "reference_id": "RHSA-2026:7877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7878", "reference_id": "RHSA-2026:7878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7879", "reference_id": "RHSA-2026:7879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7883", "reference_id": "RHSA-2026:7883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7992", "reference_id": "RHSA-2026:7992", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7992" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8151", "reference_id": "RHSA-2026:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8167", "reference_id": "RHSA-2026:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8314", "reference_id": "RHSA-2026:8314", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8314" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8322", "reference_id": "RHSA-2026:8322", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8322" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8324", "reference_id": "RHSA-2026:8324", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8324" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8337", "reference_id": "RHSA-2026:8337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8338", "reference_id": "RHSA-2026:8338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8433", "reference_id": "RHSA-2026:8433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8434", "reference_id": "RHSA-2026:8434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8456", "reference_id": "RHSA-2026:8456", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8456" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8483", "reference_id": "RHSA-2026:8483", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8483" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8484", "reference_id": "RHSA-2026:8484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8490", "reference_id": "RHSA-2026:8490", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8490" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8491", "reference_id": "RHSA-2026:8491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8493", "reference_id": "RHSA-2026:8493", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8493" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8840", "reference_id": "RHSA-2026:8840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8841", "reference_id": "RHSA-2026:8841", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8841" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8842", "reference_id": "RHSA-2026:8842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8845", "reference_id": "RHSA-2026:8845", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8845" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8847", "reference_id": "RHSA-2026:8847", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8847" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8848", "reference_id": "RHSA-2026:8848", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8848" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8849", "reference_id": "RHSA-2026:8849", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8849" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8851", "reference_id": "RHSA-2026:8851", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8851" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8852", "reference_id": "RHSA-2026:8852", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8852" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8853", "reference_id": "RHSA-2026:8853", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8855", "reference_id": "RHSA-2026:8855", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8856", "reference_id": "RHSA-2026:8856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8860", "reference_id": "RHSA-2026:8860", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8860" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8877", "reference_id": "RHSA-2026:8877", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8878", "reference_id": "RHSA-2026:8878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8879", "reference_id": "RHSA-2026:8879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8881", "reference_id": "RHSA-2026:8881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8881" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8882", "reference_id": "RHSA-2026:8882", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8882" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8930", "reference_id": "RHSA-2026:8930", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8930" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8931", "reference_id": "RHSA-2026:8931", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8931" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8949", "reference_id": "RHSA-2026:8949", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8949" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9043", "reference_id": "RHSA-2026:9043", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9043" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9044", "reference_id": "RHSA-2026:9044", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9044" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9052", "reference_id": "RHSA-2026:9052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9090", "reference_id": "RHSA-2026:9090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9093", "reference_id": "RHSA-2026:9093", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9094", "reference_id": "RHSA-2026:9094", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9094" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9097", "reference_id": "RHSA-2026:9097", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9097" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9098", "reference_id": "RHSA-2026:9098", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9108", "reference_id": "RHSA-2026:9108", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9108" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9109", "reference_id": "RHSA-2026:9109", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9109" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9434", "reference_id": "RHSA-2026:9434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9435", "reference_id": "RHSA-2026:9435", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9436", "reference_id": "RHSA-2026:9436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9439", "reference_id": "RHSA-2026:9439", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9439" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9440", "reference_id": "RHSA-2026:9440", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9440" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9448", "reference_id": "RHSA-2026:9448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9453", "reference_id": "RHSA-2026:9453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9461", "reference_id": "RHSA-2026:9461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9695", "reference_id": "RHSA-2026:9695", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9695" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9742", "reference_id": "RHSA-2026:9742", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9872", "reference_id": "RHSA-2026:9872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9872" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-25679" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcez-y67t-8yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48753?format=api", "vulnerability_id": "VCID-qemj-x1bx-h7gp", "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35018", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35458", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35467", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.354", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3544", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35428", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35375", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3514", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35119", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3503", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34908", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3498", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35017", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34922", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.34948", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.3548", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35504", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35387", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00149", "scoring_system": "epss", "scoring_elements": "0.35433", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-24788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814", "reference_id": "2279814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/05/08/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/05/08/3" }, { "reference_url": "https://go.dev/cl/578375", "reference_id": "578375", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://go.dev/cl/578375" }, { "reference_url": "https://go.dev/issue/66754", "reference_id": "66754", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://go.dev/issue/66754" }, { "reference_url": "https://security.gentoo.org/glsa/202408-07", "reference_id": "GLSA-202408-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202408-07" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2024-2824", "reference_id": "GO-2024-2824", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2024-2824" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240605-0002/", "reference_id": "ntap-20240605-0002", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240605-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240614-0001/", "reference_id": "ntap-20240614-0001", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240614-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4616", "reference_id": "RHSA-2024:4616", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4697", "reference_id": "RHSA-2024:4697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4872", "reference_id": "RHSA-2024:4872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4872" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4982", "reference_id": "RHSA-2024:4982", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4982" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5013", "reference_id": "RHSA-2024:5013", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5291", "reference_id": "RHSA-2024:5291", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5291" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5547", "reference_id": "RHSA-2024:5547", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6221", "reference_id": "RHSA-2024:6221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6341", "reference_id": "RHSA-2024:6341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:6969", "reference_id": "RHSA-2024:6969", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:6969" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:7548", "reference_id": "RHSA-2024:7548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:7548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9089", "reference_id": "RHSA-2024:9089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9115", "reference_id": "RHSA-2024:9115", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9135", "reference_id": "RHSA-2024:9135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9200", "reference_id": "RHSA-2024:9200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9277", "reference_id": "RHSA-2024:9277", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9277" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9485", "reference_id": "RHSA-2024:9485", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9485" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9776", "reference_id": "RHSA-2025:9776", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9776" }, { "reference_url": "https://usn.ubuntu.com/6886-1/", "reference_id": "USN-6886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6886-1/" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0", "reference_id": "wkkO4P9stm0", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:38:26Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/wkkO4P9stm0" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2024-24788" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qemj-x1bx-h7gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64347?format=api", "vulnerability_id": "VCID-x5ub-bfb7-nbbr", "summary": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.017", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02175", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02177", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02132", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02145", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0223", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03123", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03157", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03116", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03191", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03112", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03141", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03177", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03186", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03596", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27137" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345", "reference_id": "2445345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345" }, { "reference_url": "https://go.dev/cl/752182", "reference_id": "752182", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://go.dev/cl/752182" }, { "reference_url": "https://go.dev/issue/77952", "reference_id": "77952", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://go.dev/issue/77952" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk", "reference_id": "EdhZqrQ98hk", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2026-4599", "reference_id": "GO-2026-4599", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2026-4599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10125", "reference_id": "RHSA-2026:10125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10158", "reference_id": "RHSA-2026:10158", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10169", "reference_id": "RHSA-2026:10169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10175", "reference_id": "RHSA-2026:10175", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10184", "reference_id": "RHSA-2026:10184", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10225", "reference_id": "RHSA-2026:10225", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10225" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10250", "reference_id": "RHSA-2026:10250", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10250" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:10929", "reference_id": "RHSA-2026:10929", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:10929" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11331", "reference_id": "RHSA-2026:11331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:11800", "reference_id": "RHSA-2026:11800", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:11800" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:13545", "reference_id": "RHSA-2026:13545", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:14879", "reference_id": "RHSA-2026:14879", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:14879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5110", "reference_id": "RHSA-2026:5110", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5110" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5549", "reference_id": "RHSA-2026:5549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8151", "reference_id": "RHSA-2026:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8167", "reference_id": "RHSA-2026:8167", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8337", "reference_id": "RHSA-2026:8337", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8338", "reference_id": "RHSA-2026:8338", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8338" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:8842", "reference_id": "RHSA-2026:8842", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:8842" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9052", "reference_id": "RHSA-2026:9052", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9052" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9385", "reference_id": "RHSA-2026:9385", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9697", "reference_id": "RHSA-2026:9697", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9697" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9698", "reference_id": "RHSA-2026:9698", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9698" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9699", "reference_id": "RHSA-2026:9699", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9699" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:9872", "reference_id": "RHSA-2026:9872", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:9872" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2026-27137" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ub-bfb7-nbbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266506?format=api", "vulnerability_id": "VCID-xjm1-yec3-mkc6", "summary": "os.OpenFile(path, os.O_CREATE|O_EXCL) behaved differently on Unix and Windows systems when the target path was a dangling symlink. On Unix systems, OpenFile with O_CREATE and O_EXCL flags never follows symlinks. On Windows, when the target path was a symlink to a nonexistent location, OpenFile would create a file in that location. OpenFile now always returns an error when the O_CREATE and O_EXCL flags are both set and the target path is a symlink.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03051", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03037", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12111", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12094", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12073", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12041", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11944", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11858", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11993", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12049", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12022", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12048", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12169", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12176", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1214", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11979", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11975", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0913" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://go.dev/cl/672396", "reference_id": "672396", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://go.dev/cl/672396" }, { "reference_url": "https://go.dev/issue/73702", "reference_id": "73702", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://go.dev/issue/73702" }, { "reference_url": "https://pkg.go.dev/vuln/GO-2025-3750", "reference_id": "GO-2025-3750", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://pkg.go.dev/vuln/GO-2025-3750" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A", "reference_id": "ufZ8WpEsA3A", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-11T17:35:44Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/ufZ8WpEsA3A" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/923834?format=api", "purl": "pkg:deb/debian/golang-1.19@0?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }, { "url": "http://public2.vulnerablecode.io/api/packages/923825?format=api", "purl": "pkg:deb/debian/golang-1.19@1.19.8-2?distro=bookworm", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@1.19.8-2%3Fdistro=bookworm" } ], "aliases": [ "CVE-2025-0913" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjm1-yec3-mkc6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.19@0%3Fdistro=bookworm" }