osbuild-composer security update

An update is available for osbuild-composer. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list A service for building customized OS artifacts, such as VM images a...

RockyLinux 9 : golang (RLSA-2026:19181)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19181 advisory. crypto/x509: Incorrect enforcement of email constraints in crypto/x509 CVE-2026-27137 net/url: Incorrect parsing of IPv6 host literals in net/url...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.54 packages and security update

Red Hat OpenShift Container Platform release 4.17.54 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

RHSA-2026:16498 Red Hat Security Advisory: golang security update

Bulletin has no description...

MiracleLinux 8 : grafana-9.2.10-30.el8_10 (AXSA:2026-603:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-603:15 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

RHEL 9 : golang (RHSA-2026:16021)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:16021 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2026-564:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-564:01 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

RockyLinux 9 : golang (RLSA-2026:10219)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:10219 advisory. golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root CVE-2026-32282 crypto/tls: golang: Go crypto/tls: Denial of Service via...

RHEL 9 : golang (RHSA-2026:10219)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10219 advisory. The golang packages provide the Go programming language compiler. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow...

RHCOS 4 : OpenShift Container Platform 4.8.4 (RHSA-2021:2984)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2984 advisory. - golang: net/http: panic in ReadRequest and ReadResponse when reading a very large header CVE-2021-31525 - golang: net: lookup...

RHCOS 4 : OpenShift Container Platform 4.15.28 (RHSA-2024:5442)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5442 advisory. - golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm CVE-2023-45290 -...

RHCOS 4 : OpenShift Container Platform 4.10.28 (RHSA-2022:6094)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:6094 advisory. - golang: cmd/go: misinterpretation of branch names can lead to incorrect access control CVE-2022-23773 - golang: crypto/elliptic:...

Important: Red Hat Security Advisory: golang security update

An update for golang is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

GHSA-CQRX-3M42-5P5W vulnerabilities

Vulnerabilities for packages: redpanda, opentelemetry-operator, nri-mssql, wireguard-go, xcover, cadvisor, grafana-operator, mage, kyverno, gitleaks, tailscale, blobfuse2, container-object-storage-interface, rancher, pvc-autoresizer, kube-arangodb, nri-f5, knative-eventing, git-credential-oauth,...

AlmaLinux 10 : golang (ALSA-2026:5941)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:5941 advisory. cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url...

RHEL 10 : osbuild-composer (RHSA-2026:5852)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:5852 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building...

Important: Red Hat Security Advisory: rhc security update

An update for rhc is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as havin...

Amazon Linux 2 : golang, --advisory ALAS2-2026-3203 (ALAS-2026-3203)

The version of golang installed on the remote host is prior to 1.25.8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3203 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix...

EulerOS 2.0 SP12 : golang (EulerOS-SA-2026-1394)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a respon...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.35 packages and security update

Red Hat OpenShift Container Platform release 4.18.35 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18...