WID-SEC-W-2026-0548
Vulnerability from csaf_certbund - Published: 2026-02-26 23:00 - Updated: 2026-04-09 22:00Summary
Golang Go: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Go ist eine quelloffene Programmiersprache.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
References
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0548 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0548.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0548 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0548"
},
{
"category": "external",
"summary": "Go 1.26.1 and Go 1.25.8 pre-announcement vom 2026-02-26",
"url": "https://groups.google.com/g/golang-announce/c/qbkuaO2xasI/m/hmaB1OGBBQAJ?pli=1"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10310-1 vom 2026-03-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/B2IXB7BTZPU5M6YJC45KXVXGXWNVXGGJ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0875-1 vom 2026-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024674.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0876-1 vom 2026-03-12",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024673.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3203 vom 2026-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3203.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3202 vom 2026-03-19",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3202.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0947-1 vom 2026-03-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024783.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5192 vom 2026-03-20",
"url": "https://access.redhat.com/errata/RHSA-2026:5192"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5549 vom 2026-03-24",
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0976-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024821.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0977-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024820.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0993-1 vom 2026-03-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024870.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-5942 vom 2026-03-27",
"url": "http://linux.oracle.com/errata/ELSA-2026-5942.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-5941 vom 2026-03-26",
"url": "https://linux.oracle.com/errata/ELSA-2026-5941.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-5942 vom 2026-03-27",
"url": "https://linux.oracle.com/errata/ELSA-2026-5942.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5941 vom 2026-03-26",
"url": "https://access.redhat.com/errata/RHSA-2026:5941"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5942 vom 2026-03-26",
"url": "https://access.redhat.com/errata/RHSA-2026:5942"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:5944 vom 2026-03-26",
"url": "https://access.redhat.com/errata/RHSA-2026:5944"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6341 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6341"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6344 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6344"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6344 vom 2026-04-01",
"url": "https://linux.oracle.com/errata/ELSA-2026-6344.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6388 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6388"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6383 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6383"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6388 vom 2026-04-01",
"url": "https://linux.oracle.com/errata/ELSA-2026-6388.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6382 vom 2026-04-01",
"url": "https://access.redhat.com/errata/RHSA-2026:6382"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6382 vom 2026-04-02",
"url": "https://linux.oracle.com/errata/ELSA-2026-6382.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6383 vom 2026-04-02",
"url": "https://linux.oracle.com/errata/ELSA-2026-6383.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:6949 vom 2026-04-08",
"url": "https://errata.build.resf.org/RLSA-2026:6949"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6949 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:6949"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:5942 vom 2026-04-07",
"url": "https://errata.build.resf.org/RLSA-2026:5942"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7005 vom 2026-04-08",
"url": "https://access.redhat.com/errata/RHSA-2026:7005"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7009 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:7009"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7011 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:7011"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7259 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:7259"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7328 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:7328"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-6949 vom 2026-04-09",
"url": "https://linux.oracle.com/errata/ELSA-2026-6949.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:5941 vom 2026-04-09",
"url": "https://errata.build.resf.org/RLSA-2026:5941"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7315 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:7315"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:6564 vom 2026-04-09",
"url": "https://access.redhat.com/errata/RHSA-2026:6564"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen erm\u00f6glichen nicht spezifizierten Angriff",
"tracking": {
"current_release_date": "2026-04-09T22:00:00.000+00:00",
"generator": {
"date": "2026-04-10T07:16:53.557+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0548",
"initial_release_date": "2026-02-26T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-02-26T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "2",
"summary": "CVE erg\u00e4nzt"
},
{
"date": "2026-03-08T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-10088, EUVD-2026-10085, EUVD-2026-10084, EUVD-2026-10086, EUVD-2026-10087"
},
{
"date": "2026-03-09T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-03-11T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-19T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2026-03-22T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE und Red Hat aufgenommen"
},
{
"date": "2026-03-23T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2026-03-24T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-03-26T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-03-31T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2026-04-07T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Rocky Enterprise Software Foundation und Red Hat aufgenommen"
},
{
"date": "2026-04-08T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-09T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat, Oracle Linux und Rocky Enterprise Software Foundation aufgenommen"
}
],
"status": "final",
"version": "15"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.26.1",
"product": {
"name": "Golang Go \u003c1.26.1",
"product_id": "T051309"
}
},
{
"category": "product_version",
"name": "1.26.1",
"product": {
"name": "Golang Go 1.26.1",
"product_id": "T051309-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.26.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.25.8",
"product": {
"name": "Golang Go \u003c1.25.8",
"product_id": "T051310"
}
},
{
"category": "product_version",
"name": "1.25.8",
"product": {
"name": "Golang Go 1.25.8",
"product_id": "T051310-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.25.8"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.20.18",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.20.18",
"product_id": "T052609"
}
},
{
"category": "product_version",
"name": "Container Platform 4.20.18",
"product": {
"name": "Red Hat OpenShift Container Platform 4.20.18",
"product_id": "T052609-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.20.18"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"product_status": {
"known_affected": [
"T052609",
"T051309",
"T002207",
"67646",
"T027843",
"398363",
"T004914",
"T032255",
"T051310"
]
},
"release_date": "2026-02-26T23:00:00.000+00:00",
"title": "CVE-2026-25679"
},
{
"cve": "CVE-2026-27137",
"product_status": {
"known_affected": [
"T052609",
"T051309",
"T002207",
"67646",
"T027843",
"398363",
"T004914",
"T032255",
"T051310"
]
},
"release_date": "2026-02-26T23:00:00.000+00:00",
"title": "CVE-2026-27137"
},
{
"cve": "CVE-2026-27138",
"product_status": {
"known_affected": [
"T052609",
"T051309",
"T002207",
"67646",
"T027843",
"398363",
"T004914",
"T032255",
"T051310"
]
},
"release_date": "2026-02-26T23:00:00.000+00:00",
"title": "CVE-2026-27138"
},
{
"cve": "CVE-2026-27139",
"product_status": {
"known_affected": [
"T052609",
"T051309",
"T002207",
"67646",
"T027843",
"398363",
"T004914",
"T032255",
"T051310"
]
},
"release_date": "2026-02-26T23:00:00.000+00:00",
"title": "CVE-2026-27139"
},
{
"cve": "CVE-2026-27142",
"product_status": {
"known_affected": [
"T052609",
"T051309",
"T002207",
"67646",
"T027843",
"398363",
"T004914",
"T032255",
"T051310"
]
},
"release_date": "2026-02-26T23:00:00.000+00:00",
"title": "CVE-2026-27142"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…