SUSE-SU-2026:21195-1 Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138:...

OPENSUSE-SU-2026:20537-1 Security update for go1.26-openssl

This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138:...

CLEANSTART-2026-BC17682 Security fixes for CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.4.4-r0, 2.4.4-r1

Multiple security vulnerabilities affect the newrelic-prometheus-configurator package. These issues are resolved in later releases. See references for individual vulnerability details...

SUSE: Security Advisory (SUSE-SU-2026:0976-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.26-openssl (SUSE-SU-2026:0976-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0976-1 advisory. Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not...

SUSE: Security Advisory (SUSE-SU-2026:0876-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-27138 affecting package golang for versions less than 1.26.1-1

CVE-2026-27138 affecting package golang for versions less than 1.26.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2026-27138 affecting package golang for versions less than 1.25.8-1

CVE-2026-27138 affecting package golang for versions less than 1.25.8-1. An upgraded version of the package is available that resolves this issue...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.26 (SUSE-SU-2026:0876-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0876-1 advisory. Update to go1.26.1 bsc1255111: - CVE-2026-25679: net/url: reject IPv6 literal not at start of ho...

OPENSUSE-SU-2026:20342-1 Security update for go1.26

This update for go1.26 fixes the following issues: Changes in go1.26: go1.26.1 released 2026-03-05 includes security fixes to the crypto/x509, html/template, net/url, and os packages, as well as bug fixes to the go command, the go fix command, the compiler, and the os and reflect packages...

CVE-2026-27138 vulnerabilities

Vulnerabilities for packages: victoriametrics-cluster, polaris, dkron, terragrunt, grafana-operator, flux-source-controller, flux-image-automation-controller, flux-operator, flux-helm-controller, pluto, nova, flux-notification-controller, flux-image-reflector-controller, stakater-reloader,...

CVE-2026-27138

A certificate validation flaw has been discovered in the golang crypto/x509 module. Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifyi...

CVE-2026-27138

Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifying X.509 certificate chains, or those that use TLS...

CVE-2026-27138

creationtimestamp| type| source ---|---|--- 2026-03-06 01:19:17+00:00| seen| https://bsky.app/profile/golang.org/post/3mge5fq5pq22k 2026-03-06 22:55:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mggfu2ib3y2u 2026-03-07 02:28:02+00:00| seen|...

PT-2026-23665

Name of the Vulnerable Software and Affected Versions AWS Lambda affected versions not specified Description Actions that insert URLs into the content attribute of HTML meta tags are not properly escaped. This can lead to cross-site scripting XSS if the meta tag also includes an http-equiv...

CVE-2021-27138

The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT...

Debian dla-4320 : u-boot - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4320 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4320-1 [email protected]...

CVE-2025-27138

creationtimestamp| type| source ---|---|--- 2025-03-13 19:48:14+00:00| seen| https://t.me/cvedetector/20238...

Linux Distros Unpatched Vulnerability : CVE-2021-27138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT. CVE-2021-27138 Note that Nessus relies on the presence of the packag...

CVE-2024-27138

creationtimestamp| type| source ---|---|--- 2024-03-01 17:26:23+00:00| seen| https://t.me/ctinow/197811 2024-03-01 17:26:33+00:00| seen| https://t.me/ctinow/197821...