Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33186 (GCVE-0-2026-33186)
Vulnerability from cvelistv5 – Published: 2026-03-20 22:23 – Updated: 2026-03-24 18:09
VLAI
EPSS
Title
gRPC-Go has an authorization bypass via missing leading slash in :path
Summary
gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, "deny" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback "allow" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific "deny" rules for canonical paths but allows other requests by default (a fallback "allow" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.
Severity
9.1 (Critical)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-285 - Improper Authorization
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://github.com/grpc/grpc-go/security/advisori… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33186",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-24T18:08:38.989284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-24T18:09:13.422Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "grpc-go",
"vendor": "grpc",
"versions": [
{
"status": "affected",
"version": "\u003c 1.79.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-20T22:23:32.147Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"source": {
"advisory": "GHSA-p77j-4mvh-x3m3",
"discovery": "UNKNOWN"
},
"title": "gRPC-Go has an authorization bypass via missing leading slash in :path"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33186",
"datePublished": "2026-03-20T22:23:32.147Z",
"dateReserved": "2026-03-17T22:16:36.720Z",
"dateUpdated": "2026-03-24T18:09:13.422Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33186",
"date": "2026-06-28",
"epss": "0.00522",
"percentile": "0.40351"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33186\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-20T23:16:45.180\",\"lastModified\":\"2026-06-17T10:37:05.900\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \\\"deny\\\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \\\"allow\\\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \\\"deny\\\" rules for canonical paths but allows other requests by default (a fallback \\\"allow\\\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.\"},{\"lang\":\"es\",\"value\":\"gRPC-Go es la implementaci\u00f3n en lenguaje Go de gRPC. Las versiones anteriores a la 1.79.3 tienen un bypass de autorizaci\u00f3n resultante de una validaci\u00f3n de entrada incorrecta del pseudo-encabezado HTTP/2 \u0027:path\u0027. El servidor gRPC-Go era demasiado indulgente en su l\u00f3gica de enrutamiento, aceptando solicitudes donde el \u0027:path\u0027 omit\u00eda la barra inicial obligatoria (por ejemplo, \u0027Service/Method\u0027 en lugar de \u0027/Service/Method\u0027). Si bien el servidor enrut\u00f3 con \u00e9xito estas solicitudes al gestor correcto, los interceptores de autorizaci\u00f3n (incluido el paquete oficial \u0027grpc/authz\u0027) evaluaron la cadena de ruta cruda y no can\u00f3nica. En consecuencia, las reglas de \u0027denegaci\u00f3n\u0027 definidas usando rutas can\u00f3nicas (que comienzan con \u0027/\u0027) no lograron coincidir con la solicitud entrante, permitiendo que bypassara la pol\u00edtica si una regla de \u0027permiso\u0027 de respaldo estaba presente. Esto afecta a los servidores gRPC-Go que utilizan interceptores de autorizaci\u00f3n basados en rutas, como la implementaci\u00f3n oficial de RBAC en \u0027google.golang.org/grpc/authz\u0027 o interceptores personalizados que dependen de \u0027info.FullMethod\u0027 o \u0027grpc.Method(ctx)\u0027; Y que tienen una pol\u00edtica de seguridad que contiene reglas de \u0027denegaci\u00f3n\u0027 espec\u00edficas para rutas can\u00f3nicas pero permite otras solicitudes por defecto (una regla de \u0027permiso\u0027 de respaldo). La vulnerabilidad es explotable por un atacante que puede enviar tramas HTTP/2 crudas con encabezados \u0027:path\u0027 malformados directamente al servidor gRPC. La correcci\u00f3n en la versi\u00f3n 1.79.3 asegura que cualquier solicitud con un \u0027:path\u0027 que no comience con una barra inicial sea inmediatamente rechazada con un error \u0027codes.Unimplemented\u0027, impidiendo que llegue a los interceptores de autorizaci\u00f3n o gestores con una cadena de ruta no can\u00f3nica. Si bien la actualizaci\u00f3n es la ruta m\u00e1s segura y recomendada, los usuarios pueden mitigar la vulnerabilidad utilizando uno de los siguientes m\u00e9todos: Usar un interceptor de validaci\u00f3n (mitigaci\u00f3n recomendada); normalizaci\u00f3n a nivel de infraestructura; y/o endurecimiento de pol\u00edticas.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"grpc\",\"product\":\"grpc-go\",\"versions\":[{\"version\":\"\u003c 1.79.3\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":9.1,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":5.2}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-24T18:08:38.989284Z\",\"id\":\"CVE-2026-33186\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-285\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grpc:grpc:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.79.3\",\"matchCriteriaId\":\"D5AB3ED0-D11B-461E-B2B1-627D5CCEA236\"}]}]}],\"references\":[{\"url\":\"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33186\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-24T18:08:38.989284Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-24T18:09:03.096Z\"}}], \"cna\": {\"title\": \"gRPC-Go has an authorization bypass via missing leading slash in :path\", \"source\": {\"advisory\": \"GHSA-p77j-4mvh-x3m3\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"grpc\", \"product\": \"grpc-go\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.79.3\"}]}], \"references\": [{\"url\": \"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3\", \"name\": \"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \\\"deny\\\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \\\"allow\\\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \\\"deny\\\" rules for canonical paths but allows other requests by default (a fallback \\\"allow\\\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-285\", \"description\": \"CWE-285: Improper Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-20T22:23:32.147Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33186\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-03-24T18:09:13.422Z\", \"dateReserved\": \"2026-03-17T22:16:36.720Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-20T22:23:32.147Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
OPENSUSE-SU-2026:10484-1
Vulnerability from csaf_opensuse - Published: 2026-04-03 00:00 - Updated: 2026-04-03 00:00Summary
k6-1.7.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: k6-1.7.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the k6-1.7.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10484
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:k6-1.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-1.7.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-1.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-1.7.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "k6-1.7.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the k6-1.7.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10484",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10484-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
}
],
"title": "k6-1.7.1-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-03T00:00:00Z",
"generator": {
"date": "2026-04-03T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10484-1",
"initial_release_date": "2026-04-03T00:00:00Z",
"revision_history": [
{
"date": "2026-04-03T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "k6-1.7.1-1.1.aarch64",
"product": {
"name": "k6-1.7.1-1.1.aarch64",
"product_id": "k6-1.7.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.7.1-1.1.aarch64",
"product": {
"name": "k6-bash-completion-1.7.1-1.1.aarch64",
"product_id": "k6-bash-completion-1.7.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.7.1-1.1.aarch64",
"product": {
"name": "k6-fish-completion-1.7.1-1.1.aarch64",
"product_id": "k6-fish-completion-1.7.1-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.7.1-1.1.aarch64",
"product": {
"name": "k6-zsh-completion-1.7.1-1.1.aarch64",
"product_id": "k6-zsh-completion-1.7.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "k6-1.7.1-1.1.ppc64le",
"product": {
"name": "k6-1.7.1-1.1.ppc64le",
"product_id": "k6-1.7.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.7.1-1.1.ppc64le",
"product": {
"name": "k6-bash-completion-1.7.1-1.1.ppc64le",
"product_id": "k6-bash-completion-1.7.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.7.1-1.1.ppc64le",
"product": {
"name": "k6-fish-completion-1.7.1-1.1.ppc64le",
"product_id": "k6-fish-completion-1.7.1-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.7.1-1.1.ppc64le",
"product": {
"name": "k6-zsh-completion-1.7.1-1.1.ppc64le",
"product_id": "k6-zsh-completion-1.7.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "k6-1.7.1-1.1.s390x",
"product": {
"name": "k6-1.7.1-1.1.s390x",
"product_id": "k6-1.7.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.7.1-1.1.s390x",
"product": {
"name": "k6-bash-completion-1.7.1-1.1.s390x",
"product_id": "k6-bash-completion-1.7.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.7.1-1.1.s390x",
"product": {
"name": "k6-fish-completion-1.7.1-1.1.s390x",
"product_id": "k6-fish-completion-1.7.1-1.1.s390x"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.7.1-1.1.s390x",
"product": {
"name": "k6-zsh-completion-1.7.1-1.1.s390x",
"product_id": "k6-zsh-completion-1.7.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "k6-1.7.1-1.1.x86_64",
"product": {
"name": "k6-1.7.1-1.1.x86_64",
"product_id": "k6-1.7.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "k6-bash-completion-1.7.1-1.1.x86_64",
"product": {
"name": "k6-bash-completion-1.7.1-1.1.x86_64",
"product_id": "k6-bash-completion-1.7.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "k6-fish-completion-1.7.1-1.1.x86_64",
"product": {
"name": "k6-fish-completion-1.7.1-1.1.x86_64",
"product_id": "k6-fish-completion-1.7.1-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "k6-zsh-completion-1.7.1-1.1.x86_64",
"product": {
"name": "k6-zsh-completion-1.7.1-1.1.x86_64",
"product_id": "k6-zsh-completion-1.7.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.7.1-1.1.aarch64"
},
"product_reference": "k6-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.7.1-1.1.ppc64le"
},
"product_reference": "k6-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.7.1-1.1.s390x"
},
"product_reference": "k6-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-1.7.1-1.1.x86_64"
},
"product_reference": "k6-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.aarch64"
},
"product_reference": "k6-bash-completion-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.ppc64le"
},
"product_reference": "k6-bash-completion-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.s390x"
},
"product_reference": "k6-bash-completion-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-bash-completion-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.x86_64"
},
"product_reference": "k6-bash-completion-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.aarch64"
},
"product_reference": "k6-fish-completion-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.ppc64le"
},
"product_reference": "k6-fish-completion-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.s390x"
},
"product_reference": "k6-fish-completion-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-fish-completion-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.x86_64"
},
"product_reference": "k6-fish-completion-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.7.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.aarch64"
},
"product_reference": "k6-zsh-completion-1.7.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.7.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.ppc64le"
},
"product_reference": "k6-zsh-completion-1.7.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.7.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.s390x"
},
"product_reference": "k6-zsh-completion-1.7.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "k6-zsh-completion-1.7.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.x86_64"
},
"product_reference": "k6-zsh-completion-1.7.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:k6-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:k6-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:k6-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-bash-completion-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-fish-completion-1.7.1-1.1.x86_64",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.aarch64",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.ppc64le",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.s390x",
"openSUSE Tumbleweed:k6-zsh-completion-1.7.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-03T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
}
]
}
OPENSUSE-SU-2026:10601-1
Vulnerability from csaf_opensuse - Published: 2026-04-22 00:00 - Updated: 2026-04-22 00:00Summary
grafana-11.6.14+security01-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: grafana-11.6.14+security01-1.1 on GA media
Description of the patch: These are all security issues fixed in the grafana-11.6.14+security01-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10601
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.4 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
9.1 (Critical)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "grafana-11.6.14+security01-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the grafana-11.6.14+security01-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10601",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10601-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21721 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21722 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21724 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21724/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21725 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27876 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27877 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27879 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-28375 page",
"url": "https://www.suse.com/security/cve/CVE-2026-28375/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33375 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33375/"
}
],
"title": "grafana-11.6.14+security01-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-22T00:00:00Z",
"generator": {
"date": "2026-04-22T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10601-1",
"initial_release_date": "2026-04-22T00:00:00Z",
"revision_history": [
{
"date": "2026-04-22T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.14+security01-1.1.aarch64",
"product": {
"name": "grafana-11.6.14+security01-1.1.aarch64",
"product_id": "grafana-11.6.14+security01-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.14+security01-1.1.ppc64le",
"product": {
"name": "grafana-11.6.14+security01-1.1.ppc64le",
"product_id": "grafana-11.6.14+security01-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.14+security01-1.1.s390x",
"product": {
"name": "grafana-11.6.14+security01-1.1.s390x",
"product_id": "grafana-11.6.14+security01-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-11.6.14+security01-1.1.x86_64",
"product": {
"name": "grafana-11.6.14+security01-1.1.x86_64",
"product_id": "grafana-11.6.14+security01-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.14+security01-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64"
},
"product_reference": "grafana-11.6.14+security01-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.14+security01-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le"
},
"product_reference": "grafana-11.6.14+security01-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.14+security01-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x"
},
"product_reference": "grafana-11.6.14+security01-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.14+security01-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
},
"product_reference": "grafana-11.6.14+security01-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21720"
}
],
"notes": [
{
"category": "general",
"text": "Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel. Sustained traffic with random hashes keeps tripping this timeout, so goroutine count grows linearly, eventually exhausting memory and causing Grafana to crash on some systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21720",
"url": "https://www.suse.com/security/cve/CVE-2026-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1257349 for CVE-2026-21720",
"url": "https://bugzilla.suse.com/1257349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-21720"
},
{
"cve": "CVE-2026-21721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21721"
}
],
"notes": [
{
"category": "general",
"text": "The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization-internal privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21721",
"url": "https://www.suse.com/security/cve/CVE-2026-21721"
},
{
"category": "external",
"summary": "SUSE Bug 1257337 for CVE-2026-21721",
"url": "https://bugzilla.suse.com/1257337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-21721"
},
{
"cve": "CVE-2026-21722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21722"
}
],
"notes": [
{
"category": "general",
"text": "Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange.\n\nThis did not leak any annotations that would not otherwise be visible on the public dashboard.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21722",
"url": "https://www.suse.com/security/cve/CVE-2026-21722"
},
{
"category": "external",
"summary": "SUSE Bug 1258136 for CVE-2026-21722",
"url": "https://bugzilla.suse.com/1258136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-21722"
},
{
"cve": "CVE-2026-21724",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21724"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21724",
"url": "https://www.suse.com/security/cve/CVE-2026-21724"
},
{
"category": "external",
"summary": "SUSE Bug 1260878 for CVE-2026-21724",
"url": "https://bugzilla.suse.com/1260878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-21724"
},
{
"cve": "CVE-2026-21725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21725"
}
],
"notes": [
{
"category": "general",
"text": "A time-of-create-to-time-of-use (TOCTOU) vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so.\n\nThis requires several very stringent conditions to be met:\n\n- The attacker must have admin access to the specific datasource prior to its first deletion.\n- Upon deletion, all steps within the attack must happen within the next 30 seconds and on the same pod of Grafana.\n- The attacker must delete the datasource, then someone must recreate it.\n- The new datasource must not have the attacker as an admin.\n- The new datasource must have the same UID as the prior datasource. These are randomised by default.\n- The datasource can now be re-deleted by the attacker.\n- Once 30 seconds are up, the attack is spent and cannot be repeated.\n- No datasource with any other UID can be attacked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21725",
"url": "https://www.suse.com/security/cve/CVE-2026-21725"
},
{
"category": "external",
"summary": "SUSE Bug 1258873 for CVE-2026-21725",
"url": "https://bugzilla.suse.com/1258873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2026-21725"
},
{
"cve": "CVE-2026-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26958"
}
],
"notes": [
{
"category": "general",
"text": "filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If (*Point).MultiScalarMult is called on an initialized point that is not the identity point, it returns an incorrect result. If the method is called on an uninitialized point, the behavior is undefined. In particular, if the receiver is the zero value, MultiScalarMult returns an invalid point that compares Equal to every other point. Note that MultiScalarMult is a rarely used, advanced API. For example, users who depend on filippo.io/edwards25519 only through github.com/go-sql-driver/mysql are not affected. This issue has been fixed in version 1.1.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26958",
"url": "https://www.suse.com/security/cve/CVE-2026-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1258570 for CVE-2026-26958",
"url": "https://bugzilla.suse.com/1258570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-26958"
},
{
"cve": "CVE-2026-27876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27876"
}
],
"notes": [
{
"category": "general",
"text": "A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact (RCE). This is enabled by a feature in Grafana (OSS), so all users are always recommended to update to avoid future attack vectors going this path.\n\nOnly instances with the sqlExpressions feature toggle enabled are vulnerable.\n\nOnly instances in the following version ranges are affected:\n\n- 11.6.0 (inclusive) to 11.6.14 (exclusive): 11.6.14 has the fix. 11.5 and below are not affected.\n- 12.0.0 (inclusive) to 12.1.10 (exclusive): 12.1.10 has the fix. 12.0 did not receive an update, as it is end-of-life.\n- 12.2.0 (inclusive) to 12.2.8 (exclusive): 12.2.8 has the fix.\n- 12.3.0 (inclusive) to 12.3.6 (exclusive): 12.3.6 has the fix.\n- 12.4.0 (inclusive) to 12.4.2 (exclusive): 12.4.2 has the fix. 13.0.0 and above also have the fix: no v13 release is affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27876",
"url": "https://www.suse.com/security/cve/CVE-2026-27876"
},
{
"category": "external",
"summary": "SUSE Bug 1261025 for CVE-2026-27876",
"url": "https://bugzilla.suse.com/1261025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2026-27876"
},
{
"cve": "CVE-2026-27877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27877"
}
],
"notes": [
{
"category": "general",
"text": "When using public dashboards and direct data-sources, all direct data-sources\u0027 passwords are exposed despite not being used in dashboards.\n\nNo passwords of proxied data-sources are exposed. We encourage all direct data-sources to be converted to proxied data-sources as far as possible to improve your deployments\u0027 security.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27877",
"url": "https://www.suse.com/security/cve/CVE-2026-27877"
},
{
"category": "external",
"summary": "SUSE Bug 1261026 for CVE-2026-27877",
"url": "https://bugzilla.suse.com/1261026"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-27877"
},
{
"cve": "CVE-2026-27879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27879"
}
],
"notes": [
{
"category": "general",
"text": "A resample query can be used to trigger out-of-memory crashes in Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27879",
"url": "https://www.suse.com/security/cve/CVE-2026-27879"
},
{
"category": "external",
"summary": "SUSE Bug 1261027 for CVE-2026-27879",
"url": "https://bugzilla.suse.com/1261027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-27879"
},
{
"cve": "CVE-2026-28375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-28375"
}
],
"notes": [
{
"category": "general",
"text": "A testdata data-source can be used to trigger out-of-memory crashes in Grafana.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-28375",
"url": "https://www.suse.com/security/cve/CVE-2026-28375"
},
{
"category": "external",
"summary": "SUSE Bug 1261029 for CVE-2026-28375",
"url": "https://bugzilla.suse.com/1261029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-28375"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-33375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33375"
}
],
"notes": [
{
"category": "general",
"text": "The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33375",
"url": "https://www.suse.com/security/cve/CVE-2026-33375"
},
{
"category": "external",
"summary": "SUSE Bug 1260881 for CVE-2026-33375",
"url": "https://bugzilla.suse.com/1260881"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.aarch64",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.s390x",
"openSUSE Tumbleweed:grafana-11.6.14+security01-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-33375"
}
]
}
OPENSUSE-SU-2026:10618-1
Vulnerability from csaf_opensuse - Published: 2026-04-26 00:00 - Updated: 2026-04-26 00:00Summary
alloy-1.15.1-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: alloy-1.15.1-1.1 on GA media
Description of the patch: These are all security issues fixed in the alloy-1.15.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10618
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "alloy-1.15.1-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the alloy-1.15.1-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10618",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10618-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25934 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2026-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
}
],
"title": "alloy-1.15.1-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-26T00:00:00Z",
"generator": {
"date": "2026-04-26T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10618-1",
"initial_release_date": "2026-04-26T00:00:00Z",
"revision_history": [
{
"date": "2026-04-26T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.15.1-1.1.aarch64",
"product": {
"name": "alloy-1.15.1-1.1.aarch64",
"product_id": "alloy-1.15.1-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.15.1-1.1.ppc64le",
"product": {
"name": "alloy-1.15.1-1.1.ppc64le",
"product_id": "alloy-1.15.1-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.15.1-1.1.s390x",
"product": {
"name": "alloy-1.15.1-1.1.s390x",
"product_id": "alloy-1.15.1-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "alloy-1.15.1-1.1.x86_64",
"product": {
"name": "alloy-1.15.1-1.1.x86_64",
"product_id": "alloy-1.15.1-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.15.1-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64"
},
"product_reference": "alloy-1.15.1-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.15.1-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le"
},
"product_reference": "alloy-1.15.1-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.15.1-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x"
},
"product_reference": "alloy-1.15.1-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "alloy-1.15.1-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
},
"product_reference": "alloy-1.15.1-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25934"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not properly verified. This resulted in go-git potentially consuming corrupted files, which would likely result in unexpected errors such as object not found. For context, clients fetch packfiles from upstream Git servers. Those files contain a checksum of their contents, so that clients can perform integrity checks before consuming it. The pack indexes (.idx) are generated locally by go-git, or the git cli, when new .pack files are received and processed. The integrity checks for both files were not being verified correctly. This vulnerability is fixed in 5.16.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25934",
"url": "https://www.suse.com/security/cve/CVE-2026-25934"
},
{
"category": "external",
"summary": "SUSE Bug 1258093 for CVE-2026-25934",
"url": "https://bugzilla.suse.com/1258093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-25934"
},
{
"cve": "CVE-2026-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-26958"
}
],
"notes": [
{
"category": "general",
"text": "filippo.io/edwards25519 is a Go library implementing the edwards25519 elliptic curve with APIs for building cryptographic primitives. In versions 1.1.0 and earlier, MultiScalarMult produces invalid results or undefined behavior if the receiver is not the identity point. If (*Point).MultiScalarMult is called on an initialized point that is not the identity point, it returns an incorrect result. If the method is called on an uninitialized point, the behavior is undefined. In particular, if the receiver is the zero value, MultiScalarMult returns an invalid point that compares Equal to every other point. Note that MultiScalarMult is a rarely used, advanced API. For example, users who depend on filippo.io/edwards25519 only through github.com/go-sql-driver/mysql are not affected. This issue has been fixed in version 1.1.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-26958",
"url": "https://www.suse.com/security/cve/CVE-2026-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1258570 for CVE-2026-26958",
"url": "https://bugzilla.suse.com/1258570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-26T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-26958"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:alloy-1.15.1-1.1.aarch64",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.ppc64le",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.s390x",
"openSUSE Tumbleweed:alloy-1.15.1-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-26T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
}
]
}
OPENSUSE-SU-2026:10631-1
Vulnerability from csaf_opensuse - Published: 2026-04-28 00:00 - Updated: 2026-04-28 00:00Summary
distribution-registry-3.1.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: distribution-registry-3.1.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the distribution-registry-3.1.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10631
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "distribution-registry-3.1.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the distribution-registry-3.1.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10631",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10631-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33540 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-35172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-35172/"
}
],
"title": "distribution-registry-3.1.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-28T00:00:00Z",
"generator": {
"date": "2026-04-28T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10631-1",
"initial_release_date": "2026-04-28T00:00:00Z",
"revision_history": [
{
"date": "2026-04-28T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "distribution-registry-3.1.0-1.1.aarch64",
"product": {
"name": "distribution-registry-3.1.0-1.1.aarch64",
"product_id": "distribution-registry-3.1.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "distribution-registry-3.1.0-1.1.ppc64le",
"product": {
"name": "distribution-registry-3.1.0-1.1.ppc64le",
"product_id": "distribution-registry-3.1.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "distribution-registry-3.1.0-1.1.s390x",
"product": {
"name": "distribution-registry-3.1.0-1.1.s390x",
"product_id": "distribution-registry-3.1.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "distribution-registry-3.1.0-1.1.x86_64",
"product": {
"name": "distribution-registry-3.1.0-1.1.x86_64",
"product_id": "distribution-registry-3.1.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "distribution-registry-3.1.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64"
},
"product_reference": "distribution-registry-3.1.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distribution-registry-3.1.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le"
},
"product_reference": "distribution-registry-3.1.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distribution-registry-3.1.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x"
},
"product_reference": "distribution-registry-3.1.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "distribution-registry-3.1.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
},
"product_reference": "distribution-registry-3.1.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-33540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33540"
}
],
"notes": [
{
"category": "general",
"text": "Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, in pull-through cache mode, distribution discovers token auth endpoints by parsing WWW-Authenticate challenges returned by the configured upstream registry. The realm URL from a bearer challenge is used without validating that it matches the upstream registry host. As a result, an attacker-controlled upstream (or an attacker with MitM position to the upstream) can cause distribution to send the configured upstream credentials via basic auth to an attacker-controlled realm URL. This vulnerability is fixed in 3.1.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33540",
"url": "https://www.suse.com/security/cve/CVE-2026-33540"
},
{
"category": "external",
"summary": "SUSE Bug 1261793 for CVE-2026-33540",
"url": "https://bugzilla.suse.com/1261793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-33540"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
},
{
"cve": "CVE-2026-35172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-35172"
}
],
"notes": [
{
"category": "general",
"text": "Distribution is a toolkit to pack, ship, store, and deliver container content. Prior to 3.1.0, distribution can restore read access in repo a after an explicit delete when storage.cache.blobdescriptor: redis and storage.delete.enabled: true are both enabled. The delete path clears the shared digest descriptor but leaves stale repo-scoped membership behind, so a later Stat or Get from repo b repopulates the shared descriptor and makes the deleted blob readable from repo a again. This vulnerability is fixed in 3.1.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-35172",
"url": "https://www.suse.com/security/cve/CVE-2026-35172"
},
{
"category": "external",
"summary": "SUSE Bug 1262096 for CVE-2026-35172",
"url": "https://bugzilla.suse.com/1262096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.aarch64",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.ppc64le",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.s390x",
"openSUSE Tumbleweed:distribution-registry-3.1.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-35172"
}
]
}
OPENSUSE-SU-2026:10651-1
Vulnerability from csaf_opensuse - Published: 2026-04-28 00:00 - Updated: 2026-04-28 00:00Summary
trivy-0.70.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: trivy-0.70.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the trivy-0.70.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10651
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.1 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
23 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "trivy-0.70.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the trivy-0.70.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10651",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10651-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-69725 page",
"url": "https://www.suse.com/security/cve/CVE-2025-69725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25934 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33747 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33748 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39984/"
}
],
"title": "trivy-0.70.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-04-28T00:00:00Z",
"generator": {
"date": "2026-04-28T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10651-1",
"initial_release_date": "2026-04-28T00:00:00Z",
"revision_history": [
{
"date": "2026-04-28T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-1.1.aarch64",
"product": {
"name": "trivy-0.70.0-1.1.aarch64",
"product_id": "trivy-0.70.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-1.1.ppc64le",
"product": {
"name": "trivy-0.70.0-1.1.ppc64le",
"product_id": "trivy-0.70.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-1.1.s390x",
"product": {
"name": "trivy-0.70.0-1.1.s390x",
"product_id": "trivy-0.70.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "trivy-0.70.0-1.1.x86_64",
"product": {
"name": "trivy-0.70.0-1.1.x86_64",
"product_id": "trivy-0.70.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64"
},
"product_reference": "trivy-0.70.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le"
},
"product_reference": "trivy-0.70.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x"
},
"product_reference": "trivy-0.70.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "trivy-0.70.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
},
"product_reference": "trivy-0.70.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-69725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-69725"
}
],
"notes": [
{
"category": "general",
"text": "An Open Redirect vulnerability in the go-chi/chi \u003e=5.2.2 RedirectSlashes function allows remote attackers to redirect victim users to malicious websites using the legitimate website domain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-69725",
"url": "https://www.suse.com/security/cve/CVE-2025-69725"
},
{
"category": "external",
"summary": "SUSE Bug 1258511 for CVE-2025-69725",
"url": "https://bugzilla.suse.com/1258511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-69725"
},
{
"cve": "CVE-2026-25934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25934"
}
],
"notes": [
{
"category": "general",
"text": "go-git is a highly extensible git implementation library written in pure Go. Prior to 5.16.5, a vulnerability was discovered in go-git whereby data integrity values for .pack and .idx files were not properly verified. This resulted in go-git potentially consuming corrupted files, which would likely result in unexpected errors such as object not found. For context, clients fetch packfiles from upstream Git servers. Those files contain a checksum of their contents, so that clients can perform integrity checks before consuming it. The pack indexes (.idx) are generated locally by go-git, or the git cli, when new .pack files are received and processed. The integrity checks for both files were not being verified correctly. This vulnerability is fixed in 5.16.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25934",
"url": "https://www.suse.com/security/cve/CVE-2026-25934"
},
{
"category": "external",
"summary": "SUSE Bug 1258093 for CVE-2026-25934",
"url": "https://bugzilla.suse.com/1258093"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-25934"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-33747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33747"
}
],
"notes": [
{
"category": "general",
"text": "BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for the execution context. The issue has been fixed in v0.28.1. The vulnerability requires using an untrusted BuildKit frontend set with `#syntax` or `--build-arg BUILDKIT_SYNTAX`. Using these options with a well-known frontend image like `docker/dockerfile` is not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33747",
"url": "https://www.suse.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "SUSE Bug 1260954 for CVE-2026-33747",
"url": "https://bugzilla.suse.com/1260954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33747"
},
{
"cve": "CVE-2026-33748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33748"
}
],
"notes": [
{
"category": "general",
"text": "BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. The issue has been fixed in version v0.28.1 The issue affects only builds that use Git URLs with a subpath component. As a workaround, avoid building Dockerfiles from untrusted sources or using the subdir component from an untrusted Git repository where the subdir component could point to a symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33748",
"url": "https://www.suse.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "SUSE Bug 1261046 for CVE-2026-33748",
"url": "https://bugzilla.suse.com/1261046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33748"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
},
{
"cve": "CVE-2026-39984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39984"
}
],
"notes": [
{
"category": "general",
"text": "Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint checks in VerifyLeafCert uses the first non-CA certificate from the PKCS#7 certificate bag instead of the leaf certificate from the verified chain. An attacker can exploit this by prepending a forged certificate to the certificate bag while the message is signed with an authorized key, causing the library to validate the signature against one certificate but perform authorization checks against another. This vulnerability only affects users of the timestamp-authority/v2/pkg/verification package and does not affect the timestamp-authority service itself or sigstore-go. The issue has been fixed in version 2.0.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39984",
"url": "https://www.suse.com/security/cve/CVE-2026-39984"
},
{
"category": "external",
"summary": "SUSE Bug 1262338 for CVE-2026-39984",
"url": "https://bugzilla.suse.com/1262338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:trivy-0.70.0-1.1.aarch64",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.ppc64le",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.s390x",
"openSUSE Tumbleweed:trivy-0.70.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-04-28T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-39984"
}
]
}
OPENSUSE-SU-2026:10700-1
Vulnerability from csaf_opensuse - Published: 2026-05-06 00:00 - Updated: 2026-05-06 00:00Summary
apptainer-1.4.5-4.1 on GA media
Severity
Moderate
Notes
Title of the patch: apptainer-1.4.5-4.1 on GA media
Description of the patch: These are all security issues fixed in the apptainer-1.4.5-4.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10700
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "apptainer-1.4.5-4.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the apptainer-1.4.5-4.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10700",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10700-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24137 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
}
],
"title": "apptainer-1.4.5-4.1 on GA media",
"tracking": {
"current_release_date": "2026-05-06T00:00:00Z",
"generator": {
"date": "2026-05-06T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10700-1",
"initial_release_date": "2026-05-06T00:00:00Z",
"revision_history": [
{
"date": "2026-05-06T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-4.1.aarch64",
"product": {
"name": "apptainer-1.4.5-4.1.aarch64",
"product_id": "apptainer-1.4.5-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-4.1.aarch64",
"product": {
"name": "apptainer-leap-1.4.5-4.1.aarch64",
"product_id": "apptainer-leap-1.4.5-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-4.1.aarch64",
"product": {
"name": "apptainer-sle15_7-1.4.5-4.1.aarch64",
"product_id": "apptainer-sle15_7-1.4.5-4.1.aarch64"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-4.1.aarch64",
"product": {
"name": "apptainer-sle16-1.4.5-4.1.aarch64",
"product_id": "apptainer-sle16-1.4.5-4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-4.1.ppc64le",
"product": {
"name": "apptainer-1.4.5-4.1.ppc64le",
"product_id": "apptainer-1.4.5-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-4.1.ppc64le",
"product": {
"name": "apptainer-leap-1.4.5-4.1.ppc64le",
"product_id": "apptainer-leap-1.4.5-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-4.1.ppc64le",
"product": {
"name": "apptainer-sle15_7-1.4.5-4.1.ppc64le",
"product_id": "apptainer-sle15_7-1.4.5-4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-4.1.ppc64le",
"product": {
"name": "apptainer-sle16-1.4.5-4.1.ppc64le",
"product_id": "apptainer-sle16-1.4.5-4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-4.1.s390x",
"product": {
"name": "apptainer-1.4.5-4.1.s390x",
"product_id": "apptainer-1.4.5-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-4.1.s390x",
"product": {
"name": "apptainer-leap-1.4.5-4.1.s390x",
"product_id": "apptainer-leap-1.4.5-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-4.1.s390x",
"product": {
"name": "apptainer-sle15_7-1.4.5-4.1.s390x",
"product_id": "apptainer-sle15_7-1.4.5-4.1.s390x"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-4.1.s390x",
"product": {
"name": "apptainer-sle16-1.4.5-4.1.s390x",
"product_id": "apptainer-sle16-1.4.5-4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apptainer-1.4.5-4.1.x86_64",
"product": {
"name": "apptainer-1.4.5-4.1.x86_64",
"product_id": "apptainer-1.4.5-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apptainer-leap-1.4.5-4.1.x86_64",
"product": {
"name": "apptainer-leap-1.4.5-4.1.x86_64",
"product_id": "apptainer-leap-1.4.5-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apptainer-sle15_7-1.4.5-4.1.x86_64",
"product": {
"name": "apptainer-sle15_7-1.4.5-4.1.x86_64",
"product_id": "apptainer-sle15_7-1.4.5-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "apptainer-sle16-1.4.5-4.1.x86_64",
"product": {
"name": "apptainer-sle16-1.4.5-4.1.x86_64",
"product_id": "apptainer-sle16-1.4.5-4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64"
},
"product_reference": "apptainer-1.4.5-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le"
},
"product_reference": "apptainer-1.4.5-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x"
},
"product_reference": "apptainer-1.4.5-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-1.4.5-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64"
},
"product_reference": "apptainer-1.4.5-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64"
},
"product_reference": "apptainer-leap-1.4.5-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le"
},
"product_reference": "apptainer-leap-1.4.5-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x"
},
"product_reference": "apptainer-leap-1.4.5-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-leap-1.4.5-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64"
},
"product_reference": "apptainer-leap-1.4.5-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64"
},
"product_reference": "apptainer-sle15_7-1.4.5-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le"
},
"product_reference": "apptainer-sle15_7-1.4.5-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x"
},
"product_reference": "apptainer-sle15_7-1.4.5-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle15_7-1.4.5-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64"
},
"product_reference": "apptainer-sle15_7-1.4.5-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-4.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64"
},
"product_reference": "apptainer-sle16-1.4.5-4.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-4.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le"
},
"product_reference": "apptainer-sle16-1.4.5-4.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-4.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x"
},
"product_reference": "apptainer-sle16-1.4.5-4.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apptainer-sle16-1.4.5-4.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
},
"product_reference": "apptainer-sle16-1.4.5-4.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-24137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24137"
}
],
"notes": [
{
"category": "general",
"text": "sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client (pkg/tuf/client.go) supports caching target files to disk. It constructs a filesystem path by joining a cache base directory with a target name sourced from signed target metadata; however, it does not validate that the resulting path stays within the cache base directory. A malicious TUF repository can trigger arbitrary file overwriting, limited to the permissions that the calling process has. Note that this should only affect clients that are directly using the TUF client in sigstore/sigstore or are using an older version of Cosign. Public Sigstore deployment users are unaffected, as TUF metadata is validated by a quorum of trusted collaborators. This issue has been fixed in version 1.10.4. As a workaround, users can disable disk caching for the legacy client by setting SIGSTORE_NO_CACHE=true in the environment, migrate to https://github.com/sigstore/sigstore-go/tree/main/pkg/tuf, or upgrade to the latest sigstore/sigstore release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24137",
"url": "https://www.suse.com/security/cve/CVE-2026-24137"
},
{
"category": "external",
"summary": "SUSE Bug 1257137 for CVE-2026-24137",
"url": "https://bugzilla.suse.com/1257137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-24137"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-leap-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle15_7-1.4.5-4.1.x86_64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.aarch64",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.ppc64le",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.s390x",
"openSUSE Tumbleweed:apptainer-sle16-1.4.5-4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-06T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
}
]
}
OPENSUSE-SU-2026:10731-1
Vulnerability from csaf_opensuse - Published: 2026-05-08 00:00 - Updated: 2026-05-08 00:00Summary
mcphost-0.34.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: mcphost-0.34.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the mcphost-0.34.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10731
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "mcphost-0.34.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the mcphost-0.34.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10731",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10731-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-30153 page",
"url": "https://www.suse.com/security/cve/CVE-2025-30153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-32285 page",
"url": "https://www.suse.com/security/cve/CVE-2026-32285/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
}
],
"title": "mcphost-0.34.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-05-08T00:00:00Z",
"generator": {
"date": "2026-05-08T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10731-1",
"initial_release_date": "2026-05-08T00:00:00Z",
"revision_history": [
{
"date": "2026-05-08T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-1.1.aarch64",
"product": {
"name": "mcphost-0.34.0-1.1.aarch64",
"product_id": "mcphost-0.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mcphost-bash-completion-0.34.0-1.1.aarch64",
"product": {
"name": "mcphost-bash-completion-0.34.0-1.1.aarch64",
"product_id": "mcphost-bash-completion-0.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mcphost-fish-completion-0.34.0-1.1.aarch64",
"product": {
"name": "mcphost-fish-completion-0.34.0-1.1.aarch64",
"product_id": "mcphost-fish-completion-0.34.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "mcphost-zsh-completion-0.34.0-1.1.aarch64",
"product": {
"name": "mcphost-zsh-completion-0.34.0-1.1.aarch64",
"product_id": "mcphost-zsh-completion-0.34.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-1.1.ppc64le",
"product": {
"name": "mcphost-0.34.0-1.1.ppc64le",
"product_id": "mcphost-0.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mcphost-bash-completion-0.34.0-1.1.ppc64le",
"product": {
"name": "mcphost-bash-completion-0.34.0-1.1.ppc64le",
"product_id": "mcphost-bash-completion-0.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mcphost-fish-completion-0.34.0-1.1.ppc64le",
"product": {
"name": "mcphost-fish-completion-0.34.0-1.1.ppc64le",
"product_id": "mcphost-fish-completion-0.34.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"product": {
"name": "mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"product_id": "mcphost-zsh-completion-0.34.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-1.1.s390x",
"product": {
"name": "mcphost-0.34.0-1.1.s390x",
"product_id": "mcphost-0.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mcphost-bash-completion-0.34.0-1.1.s390x",
"product": {
"name": "mcphost-bash-completion-0.34.0-1.1.s390x",
"product_id": "mcphost-bash-completion-0.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mcphost-fish-completion-0.34.0-1.1.s390x",
"product": {
"name": "mcphost-fish-completion-0.34.0-1.1.s390x",
"product_id": "mcphost-fish-completion-0.34.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "mcphost-zsh-completion-0.34.0-1.1.s390x",
"product": {
"name": "mcphost-zsh-completion-0.34.0-1.1.s390x",
"product_id": "mcphost-zsh-completion-0.34.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "mcphost-0.34.0-1.1.x86_64",
"product": {
"name": "mcphost-0.34.0-1.1.x86_64",
"product_id": "mcphost-0.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mcphost-bash-completion-0.34.0-1.1.x86_64",
"product": {
"name": "mcphost-bash-completion-0.34.0-1.1.x86_64",
"product_id": "mcphost-bash-completion-0.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mcphost-fish-completion-0.34.0-1.1.x86_64",
"product": {
"name": "mcphost-fish-completion-0.34.0-1.1.x86_64",
"product_id": "mcphost-fish-completion-0.34.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "mcphost-zsh-completion-0.34.0-1.1.x86_64",
"product": {
"name": "mcphost-zsh-completion-0.34.0-1.1.x86_64",
"product_id": "mcphost-zsh-completion-0.34.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64"
},
"product_reference": "mcphost-0.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le"
},
"product_reference": "mcphost-0.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x"
},
"product_reference": "mcphost-0.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-0.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64"
},
"product_reference": "mcphost-0.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-bash-completion-0.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64"
},
"product_reference": "mcphost-bash-completion-0.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-bash-completion-0.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le"
},
"product_reference": "mcphost-bash-completion-0.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-bash-completion-0.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x"
},
"product_reference": "mcphost-bash-completion-0.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-bash-completion-0.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64"
},
"product_reference": "mcphost-bash-completion-0.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-fish-completion-0.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64"
},
"product_reference": "mcphost-fish-completion-0.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-fish-completion-0.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le"
},
"product_reference": "mcphost-fish-completion-0.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-fish-completion-0.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x"
},
"product_reference": "mcphost-fish-completion-0.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-fish-completion-0.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64"
},
"product_reference": "mcphost-fish-completion-0.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-zsh-completion-0.34.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64"
},
"product_reference": "mcphost-zsh-completion-0.34.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-zsh-completion-0.34.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le"
},
"product_reference": "mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-zsh-completion-0.34.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x"
},
"product_reference": "mcphost-zsh-completion-0.34.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcphost-zsh-completion-0.34.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
},
"product_reference": "mcphost-zsh-completion-0.34.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-30153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-30153"
}
],
"notes": [
{
"category": "general",
"text": "kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file (e.g., a ZIP bomb), causing the server to consume all available system memory. The root cause comes from the ZipFileBodyDecoder, which is registered automatically by the module (contrary to what the documentation says). This vulnerability is fixed in 0.131.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-30153",
"url": "https://www.suse.com/security/cve/CVE-2025-30153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-30153"
},
{
"cve": "CVE-2026-32285",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-32285"
}
],
"notes": [
{
"category": "general",
"text": "The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-32285",
"url": "https://www.suse.com/security/cve/CVE-2026-32285"
},
{
"category": "external",
"summary": "SUSE Bug 1261230 for CVE-2026-32285",
"url": "https://bugzilla.suse.com/1261230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-32285"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-bash-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-fish-completion-0.34.0-1.1.x86_64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.aarch64",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.ppc64le",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.s390x",
"openSUSE Tumbleweed:mcphost-zsh-completion-0.34.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-08T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
}
]
}
OPENSUSE-SU-2026:10902-1
Vulnerability from csaf_opensuse - Published: 2026-05-29 00:00 - Updated: 2026-05-29 00:00Summary
golang-github-teddysun-v2ray-plugin-5.49.0-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: golang-github-teddysun-v2ray-plugin-5.49.0-1.1 on GA media
Description of the patch: These are all security issues fixed in the golang-github-teddysun-v2ray-plugin-5.49.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10902
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the golang-github-teddysun-v2ray-plugin-5.49.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10902",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10902-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
}
],
"title": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1 on GA media",
"tracking": {
"current_release_date": "2026-05-29T00:00:00Z",
"generator": {
"date": "2026-05-29T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10902-1",
"initial_release_date": "2026-05-29T00:00:00Z",
"revision_history": [
{
"date": "2026-05-29T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64",
"product": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64",
"product_id": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64",
"product": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64",
"product_id": "shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le",
"product": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le",
"product_id": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le",
"product": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le",
"product_id": "shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x",
"product": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x",
"product_id": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.s390x",
"product": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.s390x",
"product_id": "shadowsocks-v2ray-plugin-5.49.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64",
"product": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64",
"product_id": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64",
"product": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64",
"product_id": "shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64"
},
"product_reference": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le"
},
"product_reference": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x"
},
"product_reference": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64"
},
"product_reference": "golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64"
},
"product_reference": "shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le"
},
"product_reference": "shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.s390x"
},
"product_reference": "shadowsocks-v2ray-plugin-5.49.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64"
},
"product_reference": "shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.s390x",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.s390x",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.aarch64",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.ppc64le",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.s390x",
"openSUSE Tumbleweed:golang-github-teddysun-v2ray-plugin-5.49.0-1.1.x86_64",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.aarch64",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.ppc64le",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.s390x",
"openSUSE Tumbleweed:shadowsocks-v2ray-plugin-5.49.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-29T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
}
]
}
OPENSUSE-SU-2026:11075-1
Vulnerability from csaf_opensuse - Published: 2026-06-22 00:00 - Updated: 2026-06-22 00:00Summary
docker-stable-24.0.9_ce-18.1 on GA media
Severity
Moderate
Notes
Title of the patch: docker-stable-24.0.9_ce-18.1 on GA media
Description of the patch: These are all security issues fixed in the docker-stable-24.0.9_ce-18.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-11075
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.1 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.2 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
29 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "docker-stable-24.0.9_ce-18.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the docker-stable-24.0.9_ce-18.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-11075",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_11075-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33747 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33748 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33748/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33997 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34040 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41567 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41567/"
}
],
"title": "docker-stable-24.0.9_ce-18.1 on GA media",
"tracking": {
"current_release_date": "2026-06-22T00:00:00Z",
"generator": {
"date": "2026-06-22T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:11075-1",
"initial_release_date": "2026-06-22T00:00:00Z",
"revision_history": [
{
"date": "2026-06-22T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-18.1.aarch64",
"product": {
"name": "docker-stable-24.0.9_ce-18.1.aarch64",
"product_id": "docker-stable-24.0.9_ce-18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"product": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"product_id": "docker-stable-bash-completion-24.0.9_ce-18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-buildx-0.25.0-18.1.aarch64",
"product": {
"name": "docker-stable-buildx-0.25.0-18.1.aarch64",
"product_id": "docker-stable-buildx-0.25.0-18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"product": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"product_id": "docker-stable-fish-completion-24.0.9_ce-18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"product": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"product_id": "docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"product": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"product_id": "docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-18.1.ppc64le",
"product": {
"name": "docker-stable-24.0.9_ce-18.1.ppc64le",
"product_id": "docker-stable-24.0.9_ce-18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"product": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"product_id": "docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-buildx-0.25.0-18.1.ppc64le",
"product": {
"name": "docker-stable-buildx-0.25.0-18.1.ppc64le",
"product_id": "docker-stable-buildx-0.25.0-18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"product": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"product_id": "docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"product": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"product_id": "docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"product": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"product_id": "docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-18.1.s390x",
"product": {
"name": "docker-stable-24.0.9_ce-18.1.s390x",
"product_id": "docker-stable-24.0.9_ce-18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"product": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"product_id": "docker-stable-bash-completion-24.0.9_ce-18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-buildx-0.25.0-18.1.s390x",
"product": {
"name": "docker-stable-buildx-0.25.0-18.1.s390x",
"product_id": "docker-stable-buildx-0.25.0-18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"product": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"product_id": "docker-stable-fish-completion-24.0.9_ce-18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"product": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"product_id": "docker-stable-rootless-extras-24.0.9_ce-18.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"product": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"product_id": "docker-stable-zsh-completion-24.0.9_ce-18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-stable-24.0.9_ce-18.1.x86_64",
"product": {
"name": "docker-stable-24.0.9_ce-18.1.x86_64",
"product_id": "docker-stable-24.0.9_ce-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"product": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"product_id": "docker-stable-bash-completion-24.0.9_ce-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-buildx-0.25.0-18.1.x86_64",
"product": {
"name": "docker-stable-buildx-0.25.0-18.1.x86_64",
"product_id": "docker-stable-buildx-0.25.0-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"product": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"product_id": "docker-stable-fish-completion-24.0.9_ce-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"product": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"product_id": "docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64",
"product": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64",
"product_id": "docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-18.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64"
},
"product_reference": "docker-stable-24.0.9_ce-18.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-18.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le"
},
"product_reference": "docker-stable-24.0.9_ce-18.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-18.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x"
},
"product_reference": "docker-stable-24.0.9_ce-18.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-24.0.9_ce-18.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64"
},
"product_reference": "docker-stable-24.0.9_ce-18.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-bash-completion-24.0.9_ce-18.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64"
},
"product_reference": "docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-buildx-0.25.0-18.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64"
},
"product_reference": "docker-stable-buildx-0.25.0-18.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-buildx-0.25.0-18.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le"
},
"product_reference": "docker-stable-buildx-0.25.0-18.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-buildx-0.25.0-18.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x"
},
"product_reference": "docker-stable-buildx-0.25.0-18.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-buildx-0.25.0-18.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64"
},
"product_reference": "docker-stable-buildx-0.25.0-18.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64"
},
"product_reference": "docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le"
},
"product_reference": "docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x"
},
"product_reference": "docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-fish-completion-24.0.9_ce-18.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64"
},
"product_reference": "docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64"
},
"product_reference": "docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le"
},
"product_reference": "docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x"
},
"product_reference": "docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64"
},
"product_reference": "docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64"
},
"product_reference": "docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le"
},
"product_reference": "docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x"
},
"product_reference": "docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
},
"product_reference": "docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
},
{
"category": "external",
"summary": "SUSE Bug 1268676 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1268676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-33747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33747"
}
],
"notes": [
{
"category": "general",
"text": "BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when using a custom BuildKit frontend, the frontend can craft an API message that causes files to be written outside of the BuildKit state directory for the execution context. The issue has been fixed in v0.28.1. The vulnerability requires using an untrusted BuildKit frontend set with `#syntax` or `--build-arg BUILDKIT_SYNTAX`. Using these options with a well-known frontend image like `docker/dockerfile` is not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33747",
"url": "https://www.suse.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "SUSE Bug 1260954 for CVE-2026-33747",
"url": "https://bugzilla.suse.com/1260954"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33747"
},
{
"cve": "CVE-2026-33748",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33748"
}
],
"notes": [
{
"category": "general",
"text": "BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. The issue has been fixed in version v0.28.1 The issue affects only builds that use Git URLs with a subpath component. As a workaround, avoid building Dockerfiles from untrusted sources or using the subdir component from an untrusted Git repository where the subdir component could point to a symlink.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33748",
"url": "https://www.suse.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "SUSE Bug 1261046 for CVE-2026-33748",
"url": "https://bugzilla.suse.com/1261046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33748"
},
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "external",
"summary": "SUSE Bug 1268758 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1268758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-33997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33997"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon\u0027s privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user. Plugins that request exactly one privilege are also affected, because no comparison is performed at all. This issue has been patched in version 29.3.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33997",
"url": "https://www.suse.com/security/cve/CVE-2026-33997"
},
{
"category": "external",
"summary": "SUSE Bug 1265907 for CVE-2026-33997",
"url": "https://bugzilla.suse.com/1265907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33997"
},
{
"cve": "CVE-2026-34040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34040"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34040",
"url": "https://www.suse.com/security/cve/CVE-2026-34040"
},
{
"category": "external",
"summary": "SUSE Bug 1261378 for CVE-2026-34040",
"url": "https://bugzilla.suse.com/1261378"
},
{
"category": "external",
"summary": "SUSE Bug 1265929 for CVE-2026-34040",
"url": "https://bugzilla.suse.com/1265929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-34040"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
},
{
"cve": "CVE-2026-41567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41567"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container\u0027s filesystem rather than the host\u0027s due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41567",
"url": "https://www.suse.com/security/cve/CVE-2026-41567"
},
{
"category": "external",
"summary": "SUSE Bug 1267827 for CVE-2026-41567",
"url": "https://bugzilla.suse.com/1267827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-bash-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-buildx-0.25.0-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-fish-completion-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-rootless-extras-24.0.9_ce-18.1.x86_64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.aarch64",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.ppc64le",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.s390x",
"openSUSE Tumbleweed:docker-stable-zsh-completion-24.0.9_ce-18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-41567"
}
]
}
OPENSUSE-SU-2026:11091-1
Vulnerability from csaf_opensuse - Published: 2026-06-22 00:00 - Updated: 2026-06-22 00:00Summary
kubevirt1.8-container-disk-1.8.3-1.1 on GA media
Severity
Important
Notes
Title of the patch: kubevirt1.8-container-disk-1.8.3-1.1 on GA media
Description of the patch: These are all security issues fixed in the kubevirt1.8-container-disk-1.8.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-11091
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6 (Medium)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
8.1 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.7 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
43 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubevirt1.8-container-disk-1.8.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubevirt1.8-container-disk-1.8.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-11091",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_11091-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-43565 page",
"url": "https://www.suse.com/security/cve/CVE-2021-43565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-26484 page",
"url": "https://www.suse.com/security/cve/CVE-2023-26484/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-44487 page",
"url": "https://www.suse.com/security/cve/CVE-2023-44487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-33394 page",
"url": "https://www.suse.com/security/cve/CVE-2024-33394/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22872 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64433 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64433/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64437 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33186 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33186/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-9804 page",
"url": "https://www.suse.com/security/cve/CVE-2026-9804/"
}
],
"title": "kubevirt1.8-container-disk-1.8.3-1.1 on GA media",
"tracking": {
"current_release_date": "2026-06-22T00:00:00Z",
"generator": {
"date": "2026-06-22T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:11091-1",
"initial_release_date": "2026-06-22T00:00:00Z",
"revision_history": [
{
"date": "2026-06-22T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-container-disk-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-manifests-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-tests-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-tests-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-tests-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-api-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-controller-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-handler-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-operator-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"product": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"product_id": "kubevirt1.8-virtctl-1.8.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"product": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"product_id": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-container-disk-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-manifests-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-tests-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-api-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"product": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"product_id": "kubevirt1.8-virtctl-1.8.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"product": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"product_id": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-container-disk-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-manifests-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-manifests-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-tests-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-tests-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-tests-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-api-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-controller-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-handler-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-launcher-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-operator-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"product": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"product_id": "kubevirt1.8-virtctl-1.8.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"product": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"product_id": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-container-disk-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-manifests-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-tests-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-tests-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-tests-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-api-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-controller-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-handler-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-operator-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"product": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"product_id": "kubevirt1.8-virtctl-1.8.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64",
"product": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64",
"product_id": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-container-disk-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-manifests-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-manifests-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-tests-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-tests-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-tests-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-tests-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-tests-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-tests-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-tests-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-api-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-controller-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-handler-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-operator-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64"
},
"product_reference": "kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le"
},
"product_reference": "kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x"
},
"product_reference": "kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubevirt1.8-virtctl-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64"
},
"product_reference": "kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64"
},
"product_reference": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le"
},
"product_reference": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x"
},
"product_reference": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
},
"product_reference": "obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-43565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-43565"
}
],
"notes": [
{
"category": "general",
"text": "The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-43565",
"url": "https://www.suse.com/security/cve/CVE-2021-43565"
},
{
"category": "external",
"summary": "SUSE Bug 1193930 for CVE-2021-43565",
"url": "https://bugzilla.suse.com/1193930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2021-43565"
},
{
"cve": "CVE-2023-26484",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-26484"
}
],
"notes": [
{
"category": "general",
"text": "KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can, for instance, read all secrets on the cluster, or can exec into pods on other nodes. This way, a compromised node can be used to elevate privileges beyond the node until potentially having full privileged access to the whole cluster. The simplest way to exploit this, once a user could compromise a specific node, is to set with the virt-handler service account all other nodes to unschedulable and simply wait until system-critical components with high privileges appear on its node. No patches are available as of time of publication. As a workaround, gatekeeper users can add a webhook which will block the `virt-handler` service account to modify the spec of a node.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-26484",
"url": "https://www.suse.com/security/cve/CVE-2023-26484"
},
{
"category": "external",
"summary": "SUSE Bug 1209359 for CVE-2023-26484",
"url": "https://bugzilla.suse.com/1209359"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-26484"
},
{
"cve": "CVE-2023-44487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-44487"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-44487",
"url": "https://www.suse.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1216123 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216123"
},
{
"category": "external",
"summary": "SUSE Bug 1216169 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216169"
},
{
"category": "external",
"summary": "SUSE Bug 1216171 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216171"
},
{
"category": "external",
"summary": "SUSE Bug 1216174 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216174"
},
{
"category": "external",
"summary": "SUSE Bug 1216176 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216176"
},
{
"category": "external",
"summary": "SUSE Bug 1216181 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216181"
},
{
"category": "external",
"summary": "SUSE Bug 1216182 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216182"
},
{
"category": "external",
"summary": "SUSE Bug 1216190 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216190"
},
{
"category": "external",
"summary": "SUSE Bug 1243895 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1243895"
},
{
"category": "external",
"summary": "SUSE Bug 1268251 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1268251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2024-33394",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-33394"
}
],
"notes": [
{
"category": "general",
"text": "An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-33394",
"url": "https://www.suse.com/security/cve/CVE-2024-33394"
},
{
"category": "external",
"summary": "SUSE Bug 1223965 for CVE-2024-33394",
"url": "https://bugzilla.suse.com/1223965"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2024-33394"
},
{
"cve": "CVE-2025-22872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22872"
}
],
"notes": [
{
"category": "general",
"text": "The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. \u003cmath\u003e, \u003csvg\u003e, etc contexts).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22872",
"url": "https://www.suse.com/security/cve/CVE-2025-22872"
},
{
"category": "external",
"summary": "SUSE Bug 1241710 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1241710"
},
{
"category": "external",
"summary": "SUSE Bug 1265255 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1265255"
},
{
"category": "external",
"summary": "SUSE Bug 1265256 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1265256"
},
{
"category": "external",
"summary": "SUSE Bug 1265259 for CVE-2025-22872",
"url": "https://bugzilla.suse.com/1265259"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-22872"
},
{
"cve": "CVE-2025-64433",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64433"
}
],
"notes": [
{
"category": "general",
"text": "KubeVirt is a virtual machine management add-on for Kubernetes. Prior to 1.5.3 and 1.6.1, a vulnerability was discovered that allows a VM to read arbitrary files from the virt-launcher pod\u0027s file system. This issue stems from improper symlink handling when mounting PVC disks into a VM. Specifically, if a malicious user has full or partial control over the contents of a PVC, they can create a symbolic link that points to a file within the virt-launcher pod\u0027s file system. Since libvirt can treat regular files as block devices, any file on the pod\u0027s file system that is symlinked in this way can be mounted into the VM and subsequently read. Although a security mechanism exists where VMs are executed as an unprivileged user with UID 107 inside the virt-launcher container, limiting the scope of accessible resources, this restriction is bypassed due to a second vulnerability. The latter causes the ownership of any file intended for mounting to be changed to the unprivileged user with UID 107 prior to mounting. As a result, an attacker can gain access to and read arbitrary files located within the virt-launcher pod\u0027s file system or on a mounted PVC from within the guest VM. This vulnerability is fixed in 1.5.3 and 1.6.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64433",
"url": "https://www.suse.com/security/cve/CVE-2025-64433"
},
{
"category": "external",
"summary": "SUSE Bug 1253185 for CVE-2025-64433",
"url": "https://bugzilla.suse.com/1253185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-64433"
},
{
"cve": "CVE-2025-64437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64437"
}
],
"notes": [
{
"category": "general",
"text": "KubeVirt is a virtual machine management add-on for Kubernetes. In versions before 1.5.3 and 1.6.1, the virt-handler does not verify whether the launcher-sock is a symlink or a regular file. This oversight can be exploited, for example, to change the ownership of arbitrary files on the host node to the unprivileged user with UID 107 (the same user used by virt-launcher) thus, compromising the CIA (Confidentiality, Integrity and Availability) of data on the host. To successfully exploit this vulnerability, an attacker should be in control of the file system of the virt-launcher pod. This vulnerability is fixed in 1.5.3 and 1.6.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64437",
"url": "https://www.suse.com/security/cve/CVE-2025-64437"
},
{
"category": "external",
"summary": "SUSE Bug 1253194 for CVE-2025-64437",
"url": "https://bugzilla.suse.com/1253194"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2025-64437"
},
{
"cve": "CVE-2026-33186",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33186"
}
],
"notes": [
{
"category": "general",
"text": "gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 `:path` pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the `:path` omitted the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server successfully routed these requests to the correct handler, authorization interceptors (including the official `grpc/authz` package) evaluated the raw, non-canonical path string. Consequently, \"deny\" rules defined using canonical paths (starting with `/`) failed to match the incoming request, allowing it to bypass the policy if a fallback \"allow\" rule was present. This affects gRPC-Go servers that use path-based authorization interceptors, such as the official RBAC implementation in `google.golang.org/grpc/authz` or custom interceptors relying on `info.FullMethod` or `grpc.Method(ctx)`; AND that have a security policy contains specific \"deny\" rules for canonical paths but allows other requests by default (a fallback \"allow\" rule). The vulnerability is exploitable by an attacker who can send raw HTTP/2 frames with malformed `:path` headers directly to the gRPC server. The fix in version 1.79.3 ensures that any request with a `:path` that does not start with a leading slash is immediately rejected with a `codes.Unimplemented` error, preventing it from reaching authorization interceptors or handlers with a non-canonical path string. While upgrading is the most secure and recommended path, users can mitigate the vulnerability using one of the following methods: Use a validating interceptor (recommended mitigation); infrastructure-level normalization; and/or policy hardening.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33186",
"url": "https://www.suse.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "SUSE Bug 1260085 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1260085"
},
{
"category": "external",
"summary": "SUSE Bug 1268676 for CVE-2026-33186",
"url": "https://bugzilla.suse.com/1268676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-33186"
},
{
"cve": "CVE-2026-9804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-9804"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in KubeVirt\u0027s virt-exportserver component. An attacker with specific namespace-level access can exploit a path traversal vulnerability in the VMExport directory endpoint. By placing a symbolic link (symlink) within an exported filesystem Persistent Volume Claim (PVC) that points outside its designated mount root, the attacker can read arbitrary files from the exporter pod\u0027s filesystem. This leads to information disclosure, potentially exposing sensitive data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-9804",
"url": "https://www.suse.com/security/cve/CVE-2026-9804"
},
{
"category": "external",
"summary": "SUSE Bug 1266733 for CVE-2026-9804",
"url": "https://bugzilla.suse.com/1266733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-container-disk-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-manifests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-pr-helper-conf-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-sidecar-shim-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-tests-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-api-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportproxy-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-exportserver-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-handler-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-launcher-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-operator-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virt-synchronization-controller-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:kubevirt1.8-virtctl-1.8.3-1.1.x86_64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.aarch64",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.ppc64le",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.s390x",
"openSUSE Tumbleweed:obs-service-kubevirt1.8_containers_meta-1.8.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-9804"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…