21 matches found
CLEANSTART-2026-JO01099 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-24051, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-37cx-329c-33x3, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.7-r0, 3.3.3-r0
Multiple security vulnerabilities affect the argo-cd package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-YG75447 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2xsj-vh29-9cwm, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4, 3.2.5-r0
Multiple security vulnerabilities affect the argo-cd-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1606)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1578)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1394)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2026-1240)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2026:20308-1 Security update for go1.24-openssl
This update for go1.24-openssl fixes the following issues: - Update to version 1.24.13 jscSLE-18320 - CVE-2025-58189: crypto/tls: ALPN negotiation error contains attacker controlled information. bsc1251255 - CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress. bsc1251253 -...
SUSE-SU-2026:0297-1 Security update for go1.25-openssl
This update for go1.25-openssl fixes the following issues: Update to version 1.25.6 released 2026-01-15 jscSLE-18320, bsc1244485: Security fixes: - CVE-2025-4674 cmd/go: disable support for multiple vcs in one module bsc1246118. - CVE-2025-47906 os/exec: LookPath bug: incorrect expansion of '', '...
SUSE: Security Advisory (SUSE-SU-2025:21192-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2025:20157-1 Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.5. Security issues fixed: - CVE-2025-61729: crypto/x509: excessive resource consumption in printing error string for host certificate validation bsc1254431. - CVE-2025-61727: crypto/x509: excluded subdomain constraint doesn't...
SUSE-SU-2025:3681-1 Security update for go1.25
This update for go1.25 fixes the following issues: go1.25.3 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1244485 CVE-2025-58187 go75861 crypto/x509: TLS validation fails for FQDNs with trailing dot go75777 spec: Go1.25 spec should be dated closer to actual release date Furthe...
opentofu-1.10.7-1.1 on GA media (moderate)
opentofu-1.10.7-1.1 on GA media Announcement ID: openSUSE-SU-2025:15711-1 Rating: moderate Cross-References: CVE-2025-58183 CVE-2025-58185 CVE-2025-58187 CVSS scores: CVE-2025-58183 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2025-58183 SUSE : 4.8...
CVE-2025-58187 vulnerabilities
Vulnerabilities for packages: bom, custom-pod-autoscaler, gcsfuse, govulncheck, modelmesh-runtime-adapter, container-object-storage-interface, sbom-convert, gcp-compute-persistent-disk-csi-driver, certificate-transparency, s5cmd, traefik, harbor-registry, xcaddy, mc, extism, kubeflow,...
CVE-2025-58187
creationtimestamp| type| source ---|---|--- 2025-10-30 03:36:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4ezuo6vmu2s 2025-10-30 12:01:04+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3m4fw2hblri24 2025-10-30 14:04:15+00:00| seen|...
CVE-2025-58187
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...
CVE-2025-58187
The CVE 2025-58187-name constraints issue is disclosed in F5 advisory for BIG-IP Next for Kubernetes, with a root cause in the crypto/x509 name-contraint check logic that leads to non-linear (quadratic) processing times on some certificates, causing potential DoS via excessive CPU usage. Affected...
CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. This affects programs which validate arbitrary certificate chains...
openSUSE Security Advisory (SUSE-SU-2025:3682-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:3682-1 Security update for go1.24
This update for go1.24 fixes the following issues: go1.24.9 released 2025-10-13 includes fixes to the crypto/x509 package. bsc1236217 crypto/x509: TLS validation fails for FQDNs with trailing dot go1.24.8 released 2025-10-07 includes security fixes to the archive/tar, crypto/tls, crypto/x509,...
SUSE: Security Advisory (SUSE-SU-2025:03547-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...