Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-47914 (GCVE-0-2025-47914)
Vulnerability from cvelistv5 – Published: 2025-11-19 20:33 – Updated: 2025-11-20 17:15
VLAI
EPSS
Title
Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent
Summary
SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/crypto | golang.org/x/crypto/ssh/agent |
Affected:
0 , < 0.45.0
(semver)
|
Credits
Jakub Ciolek
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-47914",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-19T20:50:27.263405Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-19T20:50:30.968Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/crypto/ssh/agent",
"product": "golang.org/x/crypto/ssh/agent",
"programRoutines": [
{
"name": "parseConstraints"
},
{
"name": "ForwardToAgent"
},
{
"name": "ServeAgent"
}
],
"vendor": "golang.org/x/crypto",
"versions": [
{
"lessThan": "0.45.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jakub Ciolek"
}
],
"descriptions": [
{
"lang": "en",
"value": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-237",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T17:15:00.344Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA"
},
{
"url": "https://go.dev/cl/721960"
},
{
"url": "https://go.dev/issue/76364"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-4135"
}
],
"title": "Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-47914",
"datePublished": "2025-11-19T20:33:43.126Z",
"dateReserved": "2025-05-13T23:31:29.597Z",
"dateUpdated": "2025-11-20T17:15:00.344Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-47914",
"date": "2026-07-06",
"epss": "0.00473",
"percentile": "0.37582"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-47914\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-11-19T21:15:50.517\",\"lastModified\":\"2026-06-17T09:28:50.497\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/crypto\",\"product\":\"golang.org/x/crypto/ssh/agent\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/crypto/ssh/agent\",\"programRoutines\":[{\"name\":\"parseConstraints\"},{\"name\":\"ForwardToAgent\"},{\"name\":\"ServeAgent\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.45.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-11-19T20:50:27.263405Z\",\"id\":\"CVE-2025-47914\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:crypto:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.45.0\",\"matchCriteriaId\":\"0DB7D01D-5361-40FC-83A9-91A601A0321D\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/721960\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/76364\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-4135\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-47914\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-19T20:50:27.263405Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125 Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-19T20:50:22.359Z\"}}], \"cna\": {\"title\": \"Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent\", \"credits\": [{\"lang\": \"en\", \"value\": \"Jakub Ciolek\"}], \"affected\": [{\"vendor\": \"golang.org/x/crypto\", \"product\": \"golang.org/x/crypto/ssh/agent\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.45.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/crypto/ssh/agent\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"parseConstraints\"}, {\"name\": \"ForwardToAgent\"}, {\"name\": \"ServeAgent\"}]}], \"references\": [{\"url\": \"https://groups.google.com/g/golang-announce/c/w-oX3UxNcZA\"}, {\"url\": \"https://go.dev/cl/721960\"}, {\"url\": \"https://go.dev/issue/76364\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-4135\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-237\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-11-20T17:15:00.344Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-47914\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-20T17:15:00.344Z\", \"dateReserved\": \"2025-05-13T23:31:29.597Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-11-19T20:33:43.126Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:21291-1
Vulnerability from csaf_suse - Published: 2026-04-23 12:23 - Updated: 2026-04-23 12:23Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch: This update for podman fixes the following issues:
- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files (bsc#1252376).
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542).
- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (bsc#1253993).
Patchnames: SUSE-SLE-Micro-6.1-506
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
25 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\n- CVE-2025-31133,CVE-2025-52565,CVE-2025-52881: Container breakouts by bypassing runc\u0027s restrictions for writing to arbitrary /proc files (bsc#1252376).\n- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request (bsc#1253542).\n- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds read (bsc#1253993).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-506",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21291-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21291-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621291-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21291-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-April/046026.html"
},
{
"category": "self",
"summary": "SUSE Bug 1252376",
"url": "https://bugzilla.suse.com/1252376"
},
{
"category": "self",
"summary": "SUSE Bug 1253542",
"url": "https://bugzilla.suse.com/1253542"
},
{
"category": "self",
"summary": "SUSE Bug 1253993",
"url": "https://bugzilla.suse.com/1253993"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-31133 page",
"url": "https://www.suse.com/security/cve/CVE-2025-31133/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52565 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2026-04-23T12:23:33Z",
"generator": {
"date": "2026-04-23T12:23:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21291-1",
"initial_release_date": "2026-04-23T12:23:33Z",
"revision_history": [
{
"date": "2026-04-23T12:23:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_4.1.aarch64",
"product": {
"name": "podman-5.4.2-slfo.1.1_4.1.aarch64",
"product_id": "podman-5.4.2-slfo.1.1_4.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"product_id": "podman-remote-5.4.2-slfo.1.1_4.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"product_id": "podmansh-5.4.2-slfo.1.1_4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"product": {
"name": "podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"product_id": "podman-docker-5.4.2-slfo.1.1_4.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_4.1.ppc64le",
"product": {
"name": "podman-5.4.2-slfo.1.1_4.1.ppc64le",
"product_id": "podman-5.4.2-slfo.1.1_4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"product_id": "podman-remote-5.4.2-slfo.1.1_4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"product_id": "podmansh-5.4.2-slfo.1.1_4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_4.1.s390x",
"product": {
"name": "podman-5.4.2-slfo.1.1_4.1.s390x",
"product_id": "podman-5.4.2-slfo.1.1_4.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"product_id": "podman-remote-5.4.2-slfo.1.1_4.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_4.1.s390x",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.s390x",
"product_id": "podmansh-5.4.2-slfo.1.1_4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_4.1.x86_64",
"product": {
"name": "podman-5.4.2-slfo.1.1_4.1.x86_64",
"product_id": "podman-5.4.2-slfo.1.1_4.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"product_id": "podman-remote-5.4.2-slfo.1.1_4.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_4.1.x86_64",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.x86_64",
"product_id": "podmansh-5.4.2-slfo.1.1_4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_4.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64"
},
"product_reference": "podman-5.4.2-slfo.1.1_4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_4.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le"
},
"product_reference": "podman-5.4.2-slfo.1.1_4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_4.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x"
},
"product_reference": "podman-5.4.2-slfo.1.1_4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_4.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64"
},
"product_reference": "podman-5.4.2-slfo.1.1_4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-5.4.2-slfo.1.1_4.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch"
},
"product_reference": "podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_4.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_4.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31133",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-31133"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container\u0027s /dev/null) was actually a real /dev/null inode when using the container\u0027s /dev/null to mask. This exposes two methods of attack: an arbitrary mount gadget, leading to host information disclosure, host denial of service, container escape, or a bypassing of maskedPaths. This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-31133",
"url": "https://www.suse.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "external",
"summary": "SUSE Bug 1255063 for CVE-2025-31133",
"url": "https://bugzilla.suse.com/1255063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T12:23:33Z",
"details": "important"
}
],
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T12:23:33Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T12:23:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-52565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52565"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the container, an attacker can trick runc into bind-mounting paths which would normally be made read-only or be masked onto a path that the attacker can write to. This attack is very similar in concept and application to CVE-2025-31133, except that it attacks a similar vulnerability in a different target (namely, the bind-mount of `/dev/pts/$n` to `/dev/console` as configured for all containers that allocate a console). This happens after `pivot_root(2)`, so this cannot be used to write to host files directly -- however, as with CVE-2025-31133, this can load to denial of service of the host or a container breakout by providing the attacker with a writable copy of `/proc/sysrq-trigger` or `/proc/sys/kernel/core_pattern` (respectively). This issue is fixed in versions 1.2.8, 1.3.3 and 1.4.0-rc.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52565",
"url": "https://www.suse.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "external",
"summary": "SUSE Bug 1255063 for CVE-2025-52565",
"url": "https://bugzilla.suse.com/1255063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T12:23:33Z",
"details": "important"
}
],
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a tmpfs or theoretically other methods such as regular bind-mounts. While similar, the mitigation applied for the related CVE, CVE-2019-19921, was fairly limited and effectively only caused runc to verify that when LSM labels are written they are actually procfs files. This issue is fixed in versions 1.2.8, 1.3.3, and 1.4.0-rc.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "external",
"summary": "SUSE Bug 1255063 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1255063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_4.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_4.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-23T12:23:33Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
}
]
}
SUSE-SU-2026:21756-1
Vulnerability from csaf_suse - Published: 2026-05-22 11:51 - Updated: 2026-05-22 11:51Summary
Security update for mcphost
Severity
Important
Notes
Title of the patch: Security update for mcphost
Description of the patch: This update for mcphost fixes the following issues
- CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data (Data
Amplification) in github.com/getkin/kin-openapi/openapi3filter (bsc#1264762).
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in
response to a key listing or (bsc#1265274).
- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds
read (bsc#1265275).
- CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption
(bsc#1253952).
- CVE-2026-32285: github.com/buger/jsonparser: denial of service via malformed JSON input (bsc#1264759).
- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo-
header (bsc#1260224).
Changes for mcphost:
- Updated to version 0.34.0
* Features:
- Upgrade charmbracelet libs to v2 (bubbletea, lipgloss, bubbles)
- Add Google Vertex AI support for Claude models
- Add new models.
* Fixes:
- Eliminate escape sequence leak from spinner tea.Program instances.
- Fix anthropic api issue.
- Convert JSON Schema draft-07 exclusive bounds to draft-04 format.
* Upgrade all dependencies to latest versions, resolve security issues
and to obtain Go 1.26 compatibility.
Patchnames: SUSE-SL-Micro-6.2-794
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mcphost",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mcphost fixes the following issues\n\n- CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data (Data\n Amplification) in github.com/getkin/kin-openapi/openapi3filter (bsc#1264762).\n- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in\n response to a key listing or (bsc#1265274).\n- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds\n read (bsc#1265275).\n- CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption\n (bsc#1253952).\n- CVE-2026-32285: github.com/buger/jsonparser: denial of service via malformed JSON input (bsc#1264759).\n- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo-\n header (bsc#1260224).\n\nChanges for mcphost:\n\n- Updated to version 0.34.0\n * Features:\n - Upgrade charmbracelet libs to v2 (bubbletea, lipgloss, bubbles)\n - Add Google Vertex AI support for Claude models\n - Add new models.\n * Fixes:\n - Eliminate escape sequence leak from spinner tea.Program instances.\n - Fix anthropic api issue.\n - Convert JSON Schema draft-07 exclusive bounds to draft-04 format.\n * Upgrade all dependencies to latest versions, resolve security issues\n and to obtain Go 1.26 compatibility.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-794",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21756-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21756-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621756-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21756-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046760.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253952",
"url": "https://bugzilla.suse.com/1253952"
},
{
"category": "self",
"summary": "SUSE Bug 1260224",
"url": "https://bugzilla.suse.com/1260224"
},
{
"category": "self",
"summary": "SUSE Bug 1264759",
"url": "https://bugzilla.suse.com/1264759"
},
{
"category": "self",
"summary": "SUSE Bug 1264762",
"url": "https://bugzilla.suse.com/1264762"
},
{
"category": "self",
"summary": "SUSE Bug 1265274",
"url": "https://bugzilla.suse.com/1265274"
},
{
"category": "self",
"summary": "SUSE Bug 1265275",
"url": "https://bugzilla.suse.com/1265275"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30153 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32285 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
}
],
"title": "Security update for mcphost",
"tracking": {
"current_release_date": "2026-05-22T11:51:53Z",
"generator": {
"date": "2026-05-22T11:51:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21756-1",
"initial_release_date": "2026-05-22T11:51:53Z",
"revision_history": [
{
"date": "2026-05-22T11:51:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.aarch64",
"product": {
"name": "mcphost-0.34.0-160000.1.1.aarch64",
"product_id": "mcphost-0.34.0-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.ppc64le",
"product": {
"name": "mcphost-0.34.0-160000.1.1.ppc64le",
"product_id": "mcphost-0.34.0-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.s390x",
"product": {
"name": "mcphost-0.34.0-160000.1.1.s390x",
"product_id": "mcphost-0.34.0-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.x86_64",
"product": {
"name": "mcphost-0.34.0-160000.1.1.x86_64",
"product_id": "mcphost-0.34.0-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64"
},
"product_reference": "mcphost-0.34.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le"
},
"product_reference": "mcphost-0.34.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x"
},
"product_reference": "mcphost-0.34.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
},
"product_reference": "mcphost-0.34.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-30153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30153"
}
],
"notes": [
{
"category": "general",
"text": "kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb), causing the server to consume all available system memory. The root cause comes from the ZipFileBodyDecoder, which is registered automatically by the module (contrary to what the documentation says). This vulnerability is fixed in 0.131.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30153",
"url": "https://www.suse.com/security/cve/CVE-2025-30153"
},
{
"category": "external",
"summary": "SUSE Bug 1264761 for CVE-2025-30153",
"url": "https://bugzilla.suse.com/1264761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "important"
}
],
"title": "CVE-2025-30153"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2026-32285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32285"
}
],
"notes": [
{
"category": "general",
"text": "The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32285",
"url": "https://www.suse.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "SUSE Bug 1261230 for CVE-2026-32285",
"url": "https://bugzilla.suse.com/1261230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32285"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Micro 6.2:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
}
]
}
SUSE-SU-2026:21827-1
Vulnerability from csaf_suse - Published: 2026-05-22 11:51 - Updated: 2026-05-22 11:51Summary
Security update for mcphost
Severity
Important
Notes
Title of the patch: Security update for mcphost
Description of the patch: This update for mcphost fixes the following issues
- CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data (Data
Amplification) in github.com/getkin/kin-openapi/openapi3filter (bsc#1264762).
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in
response to a key listing or (bsc#1265274).
- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds
read (bsc#1265275).
- CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption
(bsc#1253952).
- CVE-2026-32285: github.com/buger/jsonparser: denial of service via malformed JSON input (bsc#1264759).
- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo-
header (bsc#1260224).
Changes for mcphost:
- Updated to version 0.34.0
* Features:
- Upgrade charmbracelet libs to v2 (bubbletea, lipgloss, bubbles)
- Add Google Vertex AI support for Claude models
- Add new models.
* Fixes:
- Eliminate escape sequence leak from spinner tea.Program instances.
- Fix anthropic api issue.
- Convert JSON Schema draft-07 exclusive bounds to draft-04 format.
* Upgrade all dependencies to latest versions, resolve security issues
and to obtain Go 1.26 compatibility.
Patchnames: SUSE-SLES-16.0-794
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.3 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for mcphost",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for mcphost fixes the following issues\n\n- CVE-2025-30153: github.com/getkin/kin-openapi/openapi3filter: Improper Handling of Highly Compressed Data (Data\n Amplification) in github.com/getkin/kin-openapi/openapi3filter (bsc#1264762).\n- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in\n response to a key listing or (bsc#1265274).\n- CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validated message size can cause a panic due to an out of bounds\n read (bsc#1265275).\n- CVE-2025-58181: golang.org/x/crypto/ssh: invalidated number of mechanisms can cause unbounded memory consumption\n (bsc#1253952).\n- CVE-2026-32285: github.com/buger/jsonparser: denial of service via malformed JSON input (bsc#1264759).\n- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo-\n header (bsc#1260224).\n\nChanges for mcphost:\n\n- Updated to version 0.34.0\n * Features:\n - Upgrade charmbracelet libs to v2 (bubbletea, lipgloss, bubbles)\n - Add Google Vertex AI support for Claude models\n - Add new models.\n * Fixes:\n - Eliminate escape sequence leak from spinner tea.Program instances.\n - Fix anthropic api issue.\n - Convert JSON Schema draft-07 exclusive bounds to draft-04 format.\n * Upgrade all dependencies to latest versions, resolve security issues\n and to obtain Go 1.26 compatibility.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-794",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_21827-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:21827-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202621827-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:21827-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-May/046786.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253952",
"url": "https://bugzilla.suse.com/1253952"
},
{
"category": "self",
"summary": "SUSE Bug 1260224",
"url": "https://bugzilla.suse.com/1260224"
},
{
"category": "self",
"summary": "SUSE Bug 1264759",
"url": "https://bugzilla.suse.com/1264759"
},
{
"category": "self",
"summary": "SUSE Bug 1264762",
"url": "https://bugzilla.suse.com/1264762"
},
{
"category": "self",
"summary": "SUSE Bug 1265274",
"url": "https://bugzilla.suse.com/1265274"
},
{
"category": "self",
"summary": "SUSE Bug 1265275",
"url": "https://bugzilla.suse.com/1265275"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30153 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-58181 page",
"url": "https://www.suse.com/security/cve/CVE-2025-58181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32285 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
}
],
"title": "Security update for mcphost",
"tracking": {
"current_release_date": "2026-05-22T11:51:53Z",
"generator": {
"date": "2026-05-22T11:51:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:21827-1",
"initial_release_date": "2026-05-22T11:51:53Z",
"revision_history": [
{
"date": "2026-05-22T11:51:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.aarch64",
"product": {
"name": "mcphost-0.34.0-160000.1.1.aarch64",
"product_id": "mcphost-0.34.0-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.ppc64le",
"product": {
"name": "mcphost-0.34.0-160000.1.1.ppc64le",
"product_id": "mcphost-0.34.0-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.s390x",
"product": {
"name": "mcphost-0.34.0-160000.1.1.s390x",
"product_id": "mcphost-0.34.0-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-160000.1.1.x86_64",
"product": {
"name": "mcphost-0.34.0-160000.1.1.x86_64",
"product_id": "mcphost-0.34.0-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64"
},
"product_reference": "mcphost-0.34.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le"
},
"product_reference": "mcphost-0.34.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x"
},
"product_reference": "mcphost-0.34.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64"
},
"product_reference": "mcphost-0.34.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64"
},
"product_reference": "mcphost-0.34.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le"
},
"product_reference": "mcphost-0.34.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x"
},
"product_reference": "mcphost-0.34.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
},
"product_reference": "mcphost-0.34.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-30153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30153"
}
],
"notes": [
{
"category": "general",
"text": "kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb), causing the server to consume all available system memory. The root cause comes from the ZipFileBodyDecoder, which is registered automatically by the module (contrary to what the documentation says). This vulnerability is fixed in 0.131.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30153",
"url": "https://www.suse.com/security/cve/CVE-2025-30153"
},
{
"category": "external",
"summary": "SUSE Bug 1264761 for CVE-2025-30153",
"url": "https://bugzilla.suse.com/1264761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "important"
}
],
"title": "CVE-2025-30153"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-58181"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-58181",
"url": "https://www.suse.com/security/cve/CVE-2025-58181"
},
{
"category": "external",
"summary": "SUSE Bug 1253784 for CVE-2025-58181",
"url": "https://bugzilla.suse.com/1253784"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2025-58181"
},
{
"cve": "CVE-2026-32285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32285"
}
],
"notes": [
{
"category": "general",
"text": "The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32285",
"url": "https://www.suse.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "SUSE Bug 1261230 for CVE-2026-32285",
"url": "https://bugzilla.suse.com/1261230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-32285"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:mcphost-0.34.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:mcphost-0.34.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-22T11:51:53Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
}
]
}
SUSE-SU-2026:22451-1
Vulnerability from csaf_suse - Published: 2026-06-30 09:18 - Updated: 2026-06-30 09:18Summary
Security update for podman
Severity
Important
Notes
Title of the patch: Security update for podman
Description of the patch: This update for podman fixes the following issues
- CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing
encrypted key can lead to a denial of service (bsc#1262856).
- CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent
(bsc#1266125).
- CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266125).
- CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts
(bsc#1266125).
- CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh
(bsc#1266125).
- CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266125).
- CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266125).
Patchnames: SUSE-SLE-Micro-6.1-598
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.3 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.7 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
67 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues\n\n- CVE-2026-34986: github.com/go-jose/go-jose/v4,github.com/go-jose/go-jose/v3: crafted JWE input with a missing\n encrypted key can lead to a denial of service (bsc#1262856).\n- CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh\n (bsc#1266125).\n- CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266125).\n- CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266125).\n- CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh\n (bsc#1266125).\n- CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh\n (bsc#1266125).\n- CVE-2026-39832: Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent\n (bsc#1266125).\n- CVE-2026-39833: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent (bsc#1266125).\n- CVE-2026-39834: Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh (bsc#1266125).\n- CVE-2026-39835: Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh (bsc#1266125).\n- CVE-2026-42508: Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts\n (bsc#1266125).\n- CVE-2026-46595: Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh\n (bsc#1266125).\n- CVE-2026-46597: Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh (bsc#1266125).\n- CVE-2026-46598: Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent (bsc#1266125).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-598",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22451-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22451-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622451-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22451-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027257.html"
},
{
"category": "self",
"summary": "SUSE Bug 1262856",
"url": "https://bugzilla.suse.com/1262856"
},
{
"category": "self",
"summary": "SUSE Bug 1266125",
"url": "https://bugzilla.suse.com/1266125"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22869 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47913 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-47914 page",
"url": "https://www.suse.com/security/cve/CVE-2025-47914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-6032 page",
"url": "https://www.suse.com/security/cve/CVE-2025-6032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-9566 page",
"url": "https://www.suse.com/security/cve/CVE-2025-9566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39827 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39828 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39829 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39831 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39832 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39833 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-42508 page",
"url": "https://www.suse.com/security/cve/CVE-2026-42508/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46595 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46597 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46598 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46598/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2026-06-30T09:18:33Z",
"generator": {
"date": "2026-06-30T09:18:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22451-1",
"initial_release_date": "2026-06-30T09:18:33Z",
"revision_history": [
{
"date": "2026-06-30T09:18:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_5.1.aarch64",
"product": {
"name": "podman-5.4.2-slfo.1.1_5.1.aarch64",
"product_id": "podman-5.4.2-slfo.1.1_5.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"product_id": "podman-remote-5.4.2-slfo.1.1_5.1.aarch64"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"product_id": "podmansh-5.4.2-slfo.1.1_5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"product": {
"name": "podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"product_id": "podman-docker-5.4.2-slfo.1.1_5.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_5.1.ppc64le",
"product": {
"name": "podman-5.4.2-slfo.1.1_5.1.ppc64le",
"product_id": "podman-5.4.2-slfo.1.1_5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"product_id": "podman-remote-5.4.2-slfo.1.1_5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"product_id": "podmansh-5.4.2-slfo.1.1_5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_5.1.s390x",
"product": {
"name": "podman-5.4.2-slfo.1.1_5.1.s390x",
"product_id": "podman-5.4.2-slfo.1.1_5.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"product_id": "podman-remote-5.4.2-slfo.1.1_5.1.s390x"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_5.1.s390x",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.s390x",
"product_id": "podmansh-5.4.2-slfo.1.1_5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-5.4.2-slfo.1.1_5.1.x86_64",
"product": {
"name": "podman-5.4.2-slfo.1.1_5.1.x86_64",
"product_id": "podman-5.4.2-slfo.1.1_5.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"product": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"product_id": "podman-remote-5.4.2-slfo.1.1_5.1.x86_64"
}
},
{
"category": "product_version",
"name": "podmansh-5.4.2-slfo.1.1_5.1.x86_64",
"product": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.x86_64",
"product_id": "podmansh-5.4.2-slfo.1.1_5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_5.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64"
},
"product_reference": "podman-5.4.2-slfo.1.1_5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_5.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le"
},
"product_reference": "podman-5.4.2-slfo.1.1_5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_5.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x"
},
"product_reference": "podman-5.4.2-slfo.1.1_5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-5.4.2-slfo.1.1_5.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64"
},
"product_reference": "podman-5.4.2-slfo.1.1_5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-5.4.2-slfo.1.1_5.1.noarch as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch"
},
"product_reference": "podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-5.4.2-slfo.1.1_5.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64"
},
"product_reference": "podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_5.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podmansh-5.4.2-slfo.1.1_5.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
},
"product_reference": "podmansh-5.4.2-slfo.1.1_5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-22869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22869"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22869",
"url": "https://www.suse.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "SUSE Bug 1239322 for CVE-2025-22869",
"url": "https://bugzilla.suse.com/1239322"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2025-22869"
},
{
"cve": "CVE-2025-47913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47913"
}
],
"notes": [
{
"category": "general",
"text": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47913",
"url": "https://www.suse.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "SUSE Bug 1253506 for CVE-2025-47913",
"url": "https://bugzilla.suse.com/1253506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2025-47913"
},
{
"cve": "CVE-2025-47914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-47914"
}
],
"notes": [
{
"category": "general",
"text": "SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-47914",
"url": "https://www.suse.com/security/cve/CVE-2025-47914"
},
{
"category": "external",
"summary": "SUSE Bug 1253967 for CVE-2025-47914",
"url": "https://bugzilla.suse.com/1253967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "moderate"
}
],
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-52881"
}
],
"notes": [
{
"category": "general",
"text": "runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have also verified this attack is possible to exploit using a standard Dockerfile with docker buildx build as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a tmpfs or theoretically other methods such as regular bind-mounts. While similar, the mitigation applied for the related CVE, CVE-2019-19921, was fairly limited and effectively only caused runc to verify that when LSM labels are written they are actually procfs files. This issue is fixed in versions 1.2.8, 1.3.3, and 1.4.0-rc.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-52881",
"url": "https://www.suse.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1252232 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1252232"
},
{
"category": "external",
"summary": "SUSE Bug 1255063 for CVE-2025-52881",
"url": "https://bugzilla.suse.com/1255063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2025-52881"
},
{
"cve": "CVE-2025-6032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-6032"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-6032",
"url": "https://www.suse.com/security/cve/CVE-2025-6032"
},
{
"category": "external",
"summary": "SUSE Bug 1245320 for CVE-2025-6032",
"url": "https://bugzilla.suse.com/1245320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2025-6032"
},
{
"cve": "CVE-2025-9566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-9566"
}
],
"notes": [
{
"category": "general",
"text": "There\u0027s a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-9566",
"url": "https://www.suse.com/security/cve/CVE-2025-9566"
},
{
"category": "external",
"summary": "SUSE Bug 1249154 for CVE-2025-9566",
"url": "https://bugzilla.suse.com/1249154"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2025-9566"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
},
{
"cve": "CVE-2026-39827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39827"
}
],
"notes": [
{
"category": "general",
"text": "An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection\u0027s internal state and released for garbage collection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39827",
"url": "https://www.suse.com/security/cve/CVE-2026-39827"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39827",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39827"
},
{
"cve": "CVE-2026-39828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39828"
}
],
"notes": [
{
"category": "general",
"text": "When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39828",
"url": "https://www.suse.com/security/cve/CVE-2026-39828"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39828",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39828"
},
{
"cve": "CVE-2026-39829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39829"
}
],
"notes": [
{
"category": "general",
"text": "The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public key authentication. RSA moduli are now limited to 8192 bits, and DSA parameters are validated per FIPS 186-2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39829",
"url": "https://www.suse.com/security/cve/CVE-2026-39829"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39829",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39829"
},
{
"cve": "CVE-2026-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39830"
}
],
"notes": [
{
"category": "general",
"text": "A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection\u0027s read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39830",
"url": "https://www.suse.com/security/cve/CVE-2026-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39830",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39830"
},
{
"cve": "CVE-2026-39831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39831"
}
],
"notes": [
{
"category": "general",
"text": "The Verify() method for FIDO/U2F security key types (sk-ecdsa-sha2-nistp256@openssh.com, sk-ssh-ed25519@openssh.com) did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior, return a \"no-touch-required\" extension in Permissions.Extensions from PublicKeyCallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39831",
"url": "https://www.suse.com/security/cve/CVE-2026-39831"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39831",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39831"
},
{
"cve": "CVE-2026-39832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39832"
}
],
"notes": [
{
"category": "general",
"text": "When adding a key to a remote agent constraint extensions such as restrict-destination-v00@openssh.com were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all constraint extensions. Additionally, the in-memory keyring returned by NewKeyring() now rejects keys with unsupported constraint extensions instead of silently ignoring them.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39832",
"url": "https://www.suse.com/security/cve/CVE-2026-39832"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39832",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39832"
},
{
"cve": "CVE-2026-39833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39833"
}
],
"notes": [
{
"category": "general",
"text": "The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39833",
"url": "https://www.suse.com/security/cve/CVE-2026-39833"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39833",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39833"
},
{
"cve": "CVE-2026-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39834"
}
],
"notes": [
{
"category": "general",
"text": "When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39834",
"url": "https://www.suse.com/security/cve/CVE-2026-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39834",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39834"
},
{
"cve": "CVE-2026-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39835"
}
],
"notes": [
{
"category": "general",
"text": "SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39835",
"url": "https://www.suse.com/security/cve/CVE-2026-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-39835",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-39835"
},
{
"cve": "CVE-2026-42508",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-42508"
}
],
"notes": [
{
"category": "general",
"text": "Previously, a revoked \u0027SignatureKey\u0027 belonging to a CA was not correctly checked for revocation. Now, both the \u0027key\u0027 and \u0027key.SignatureKey\u0027 are checked for @revoked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-42508",
"url": "https://www.suse.com/security/cve/CVE-2026-42508"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-42508",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-42508"
},
{
"cve": "CVE-2026-46595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46595"
}
],
"notes": [
{
"category": "general",
"text": "Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46595",
"url": "https://www.suse.com/security/cve/CVE-2026-46595"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46595",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-46595"
},
{
"cve": "CVE-2026-46597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46597"
}
],
"notes": [
{
"category": "general",
"text": "An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46597",
"url": "https://www.suse.com/security/cve/CVE-2026-46597"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46597",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-46597"
},
{
"cve": "CVE-2026-46598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46598"
}
],
"notes": [
{
"category": "general",
"text": "For certain crafted inputs, a \u0027ed25519.PrivateKey\u0027 was created by casting malformed wire bytes, leading to a panic when used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46598",
"url": "https://www.suse.com/security/cve/CVE-2026-46598"
},
{
"category": "external",
"summary": "SUSE Bug 1266049 for CVE-2026-46598",
"url": "https://bugzilla.suse.com/1266049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podman-docker-5.4.2-slfo.1.1_5.1.noarch",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podman-remote-5.4.2-slfo.1.1_5.1.x86_64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.aarch64",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.ppc64le",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.s390x",
"SUSE Linux Micro 6.1:podmansh-5.4.2-slfo.1.1_5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T09:18:33Z",
"details": "important"
}
],
"title": "CVE-2026-46598"
}
]
}
WID-SEC-W-2025-2645
Vulnerability from csaf_certbund - Published: 2025-11-19 23:00 - Updated: 2026-06-16 22:00Summary
Golang Go: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Go ist eine quelloffene Programmiersprache.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.13
Splunk / Splunk Enterprise
|
<9.3.13 | ||
|
Splunk Splunk Enterprise <9.4.12
Splunk / Splunk Enterprise
|
<9.4.12 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Splunk Splunk Enterprise <10.2.1
Splunk / Splunk Enterprise
|
<10.2.1 | ||
|
Splunk Splunk Enterprise <10.0.7
Splunk / Splunk Enterprise
|
<10.0.7 | ||
|
Splunk Splunk Enterprise <10.0.4
Splunk / Splunk Enterprise
|
<10.0.4 | ||
|
Splunk Splunk Enterprise <10.2.4
Splunk / Splunk Enterprise
|
<10.2.4 | ||
|
Splunk Splunk Enterprise <10.4.0
Splunk / Splunk Enterprise
|
<10.4.0 | ||
|
IBM MQ Operator
IBM / MQ
|
cpe:/a:ibm:mq:operator
|
Operator | |
|
IBM Storage Scale <6.0.0.1
IBM / Storage Scale
|
<6.0.0.1 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM Storage Scale <5.2.3.6
IBM / Storage Scale
|
<5.2.3.6 | ||
|
Splunk Splunk Enterprise <9.4.9
Splunk / Splunk Enterprise
|
<9.4.9 | ||
|
Splunk Splunk Enterprise <9.3.10
Splunk / Splunk Enterprise
|
<9.3.10 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
HCL BigFix SaaS
HCL / BigFix
|
cpe:/a:hcltech:bigfix:saas
|
SaaS | |
|
IBM MQ Container
IBM / MQ
|
cpe:/a:ibm:mq:container
|
Container | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
Golang Go crypto ssh agent <0.45.0
Golang / Go
|
crypto ssh agent <0.45.0 |
Affected products
Known affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.3.13
Splunk / Splunk Enterprise
|
<9.3.13 | ||
|
Splunk Splunk Enterprise <9.4.12
Splunk / Splunk Enterprise
|
<9.4.12 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Splunk Splunk Enterprise <10.2.1
Splunk / Splunk Enterprise
|
<10.2.1 | ||
|
Splunk Splunk Enterprise <10.0.7
Splunk / Splunk Enterprise
|
<10.0.7 | ||
|
Splunk Splunk Enterprise <10.0.4
Splunk / Splunk Enterprise
|
<10.0.4 | ||
|
Splunk Splunk Enterprise <10.2.4
Splunk / Splunk Enterprise
|
<10.2.4 | ||
|
Splunk Splunk Enterprise <10.4.0
Splunk / Splunk Enterprise
|
<10.4.0 | ||
|
IBM MQ Operator
IBM / MQ
|
cpe:/a:ibm:mq:operator
|
Operator | |
|
IBM Storage Scale <6.0.0.1
IBM / Storage Scale
|
<6.0.0.1 | ||
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
IBM Storage Scale <5.2.3.6
IBM / Storage Scale
|
<5.2.3.6 | ||
|
Splunk Splunk Enterprise <9.4.9
Splunk / Splunk Enterprise
|
<9.4.9 | ||
|
Splunk Splunk Enterprise <9.3.10
Splunk / Splunk Enterprise
|
<9.3.10 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
HCL BigFix SaaS
HCL / BigFix
|
cpe:/a:hcltech:bigfix:saas
|
SaaS | |
|
IBM MQ Container
IBM / MQ
|
cpe:/a:ibm:mq:container
|
Container | |
|
IBM DB2
IBM
|
cpe:/a:ibm:db2:-
|
— | |
|
Golang Go crypto ssh agent <0.45.0
Golang / Go
|
crypto ssh agent <0.45.0 |
References
56 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2645 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2645.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2645 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2645"
},
{
"category": "external",
"summary": "golang.org/x/crypto GO-2025-4135 vom 2025-11-19",
"url": "https://pkg.go.dev/vuln/GO-2025-4135"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-f6x5-jh6r-wrfv vom 2025-11-19",
"url": "https://github.com/advisories/GHSA-f6x5-jh6r-wrfv"
},
{
"category": "external",
"summary": "golang.org/x/crypto GO-2025-4134 vom 2025-11-19",
"url": "https://pkg.go.dev/vuln/GO-2025-4134"
},
{
"category": "external",
"summary": "GitHub Security Advisory GHSA-j5w8-q4qc-rx2x vom 2025-11-19",
"url": "https://github.com/advisories/GHSA-j5w8-q4qc-rx2x"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4220-1 vom 2025-11-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UOLZYXYXKUYHDTMI5MUWYMLKG6RQQB3S/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15761-1 vom 2025-11-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WINGLFLMS3PIWPIGHCBWGAP25RHW3IQ2/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20143-1 vom 2025-12-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SA2FH57FMWGQVYC3SRSZ25NB6ME2DDCT/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7254313 vom 2025-12-10",
"url": "https://www.ibm.com/support/pages/node/7254313"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:20177-1 vom 2025-12-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VDMAOCE6FMUQXLIFZPI7NDGE25ALNJNL/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15841-1 vom 2025-12-23",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4XOE33SLNLUVY64NSWCNY4TLYMHQMV3E/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4526-1 vom 2025-12-26",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2BIEZKZPKMV7UOQL7PI6F5CW6HKIUKYF/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0482-1 vom 2025-12-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HMPRAQU5GUS5B5UC67PSDP37L4LKC7JE/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15852-1 vom 2025-12-30",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UHZY3LI2GBR7MKASQBV4OSVIO5S5D6OV/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0489-1 vom 2025-12-30",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5RNSFCTSBG2GHSQJDHXRD622LP7PVGT4/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0492-1 vom 2025-12-31",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ELAD4UXESKHIWS4FSKWS4HUM7LFMUU7F/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0490-1 vom 2025-12-30",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6R45NQ6HWFRMK73KRFVRXLFUIUGIM4RO/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4536-1 vom 2025-12-31",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W745GNHMNB2QBU4UC6UH7GTHMMGIZSQS/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-092 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-092.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0014-1 vom 2026-01-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023674.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2025-083 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2025-083.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-3120 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-3120.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-090 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-090.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2025-091 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2025-091.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2DOCKER-2025-093 vom 2026-01-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2025-093.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0067-1 vom 2026-01-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023710.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20035-1 vom 2026-01-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023771.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0125-1 vom 2026-01-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MWOPD3GF7ZQ5UMYZ65LV5WSDJLDUOJBB/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10042-1 vom 2026-01-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UIBMUO3NNOUCRLWLWLRSW2EYY6K2CNZ6/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:0017-1 vom 2026-01-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EICP2A44QQLN34XBLHD6QMOGGQ7464AL/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:0016-1 vom 2026-01-16",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/K7UR7LXZH43IHFEUNMBDHSMSMLCNR6TV/"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2ECS-2026-094 vom 2026-01-22",
"url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2026-094.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20132-1 vom 2026-02-03",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2FXTOXAC757VML52GPMWYDR74WCC54GY/"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2026-02-03",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=0750fd5a3b7e361028f8f547f4e45abb"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7260042 vom 2026-02-06",
"url": "https://www.ibm.com/support/pages/node/7260042"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0439-1 vom 2026-02-11",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024109.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20244-1 vom 2026-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024237.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0592-1 vom 2026-02-21",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024365.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0772-1 vom 2026-03-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024545.html"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2026-0306 vom 2026-03-11",
"url": "https://advisory.splunk.com//advisories/SVD-2026-0306"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:1118-1 vom 2026-03-28",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/025026.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20949-1 vom 2026-04-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025114.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21291-1 vom 2026-04-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025701.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7385 vom 2026-05-02",
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:15979 vom 2026-05-11",
"url": "https://access.redhat.com/errata/RHSA-2026:15979"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7273312 vom 2026-05-18",
"url": "https://www.ibm.com/support/pages/node/7273312"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:0171-1 vom 2026-05-20",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BIVNEBZ63WYWC5AIQ2LBY6JQOBOOB6RQ/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20788-1 vom 2026-05-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/W76Z6OSKVTEPF7Y4GPIBECSPD7BNFPF3/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:21989-1 vom 2026-06-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026592.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20902-1 vom 2026-06-05",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WRX7QSYY4H3GAFKW4L37MDF543ZQRKHS/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:0195-1 vom 2026-06-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3KY4XRJ2VHJF7MAZ7RPSSNU5NESAI7IN/"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2026-0610 vom 2026-06-10",
"url": "https://advisory.splunk.com//advisories/SVD-2026-0610"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2401-1 vom 2026-06-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026757.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:2400-1 vom 2026-06-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026758.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:26411 vom 2026-06-16",
"url": "https://access.redhat.com/errata/RHSA-2026:26411"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2026-06-16T22:00:00.000+00:00",
"generator": {
"date": "2026-06-17T09:09:52.683+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2025-2645",
"initial_release_date": "2025-11-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-12-23T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-12-28T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2025-12-30T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-01T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon und SUSE aufgenommen"
},
{
"date": "2026-01-08T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von openSUSE und HCL aufgenommen"
},
{
"date": "2026-02-08T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-02-11T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-15T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-02-22T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-03T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2026-03-29T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-01T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-04-26T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-18T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-19T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-05-25T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-06-07T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE und openSUSE aufgenommen"
},
{
"date": "2026-06-08T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-06-10T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2026-06-15T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "33"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "crypto ssh agent \u003c0.45.0",
"product": {
"name": "Golang Go crypto ssh agent \u003c0.45.0",
"product_id": "T048785"
}
},
{
"category": "product_version",
"name": "crypto ssh agent 0.45.0",
"product": {
"name": "Golang Go crypto ssh agent 0.45.0",
"product_id": "T048785-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:crypto_ssh_agent__0.45.0"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "SaaS",
"product": {
"name": "HCL BigFix SaaS",
"product_id": "T049035",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:saas"
}
}
}
],
"category": "product_name",
"name": "BigFix"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "T048379",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Operator",
"product": {
"name": "IBM MQ Operator",
"product_id": "T036688",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator"
}
}
},
{
"category": "product_version",
"name": "Container",
"product": {
"name": "IBM MQ Container",
"product_id": "T040640",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:container"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.2.3.6",
"product": {
"name": "IBM Storage Scale \u003c5.2.3.6",
"product_id": "T050604"
}
},
{
"category": "product_version",
"name": "5.2.3.6",
"product": {
"name": "IBM Storage Scale 5.2.3.6",
"product_id": "T050604-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:5.2.3.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.0.0.1",
"product": {
"name": "IBM Storage Scale \u003c6.0.0.1",
"product_id": "T050605"
}
},
{
"category": "product_version",
"name": "6.0.0.1",
"product": {
"name": "IBM Storage Scale 6.0.0.1",
"product_id": "T050605-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:6.0.0.1"
}
}
}
],
"category": "product_name",
"name": "Storage Scale"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.2.1",
"product_id": "T051633"
}
},
{
"category": "product_version",
"name": "10.2.1",
"product": {
"name": "Splunk Splunk Enterprise 10.2.1",
"product_id": "T051633-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.4",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.0.4",
"product_id": "T051634"
}
},
{
"category": "product_version",
"name": "10.0.4",
"product": {
"name": "Splunk Splunk Enterprise 10.0.4",
"product_id": "T051634-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.0.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.9",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.9",
"product_id": "T051635"
}
},
{
"category": "product_version",
"name": "9.4.9",
"product": {
"name": "Splunk Splunk Enterprise 9.4.9",
"product_id": "T051635-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.10",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.10",
"product_id": "T051636"
}
},
{
"category": "product_version",
"name": "9.3.10",
"product": {
"name": "Splunk Splunk Enterprise 9.3.10",
"product_id": "T051636-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.4.0",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.4.0",
"product_id": "T055207"
}
},
{
"category": "product_version",
"name": "10.4.0",
"product": {
"name": "Splunk Splunk Enterprise 10.4.0",
"product_id": "T055207-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.4.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.4",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.2.4",
"product_id": "T055208"
}
},
{
"category": "product_version",
"name": "10.2.4",
"product": {
"name": "Splunk Splunk Enterprise 10.2.4",
"product_id": "T055208-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.2.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.7",
"product": {
"name": "Splunk Splunk Enterprise \u003c10.0.7",
"product_id": "T055209"
}
},
{
"category": "product_version",
"name": "10.0.7",
"product": {
"name": "Splunk Splunk Enterprise 10.0.7",
"product_id": "T055209-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:10.0.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.12",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.12",
"product_id": "T055210"
}
},
{
"category": "product_version",
"name": "9.4.12",
"product": {
"name": "Splunk Splunk Enterprise 9.4.12",
"product_id": "T055210-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.12"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.13",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.13",
"product_id": "T055211"
}
},
{
"category": "product_version",
"name": "9.3.13",
"product": {
"name": "Splunk Splunk Enterprise 9.3.13",
"product_id": "T055211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.13"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47914",
"product_status": {
"known_affected": [
"T055211",
"T055210",
"67646",
"T051633",
"T055209",
"T051634",
"T055208",
"T055207",
"T036688",
"T050605",
"T002207",
"T050604",
"T051635",
"T051636",
"T027843",
"398363",
"T049035",
"T040640",
"T048379",
"T048785"
]
},
"release_date": "2025-11-19T23:00:00.000+00:00",
"title": "CVE-2025-47914"
},
{
"cve": "CVE-2025-58181",
"product_status": {
"known_affected": [
"T055211",
"T055210",
"67646",
"T051633",
"T055209",
"T051634",
"T055208",
"T055207",
"T036688",
"T050605",
"T002207",
"T050604",
"T051635",
"T051636",
"T027843",
"398363",
"T049035",
"T040640",
"T048379",
"T048785"
]
},
"release_date": "2025-11-19T23:00:00.000+00:00",
"title": "CVE-2025-58181"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…