{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2026-32280", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2026-03-11T16:38:46.555Z", "datePublished": "2026-04-08T01:06:58.595Z", "dateUpdated": "2026-07-10T12:05:46.414Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2026-04-08T01:06:58.595Z" }, "title": "Unexpected work during chain building in crypto/x509", "descriptions": [ { "lang": "en", "value": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions.Intermediates, which can lead to a denial of service. This affects both direct users of crypto/x509 and users of crypto/tls." } ], "affected": [ { "vendor": "Go standard library", "product": "crypto/x509", "collectionURL": "https://pkg.go.dev", "packageName": "crypto/x509", "versions": [ { "version": "0", "lessThan": "1.25.9", "status": "affected", "versionType": "semver" }, { "version": "1.26.0-0", "lessThan": "1.26.2", "status": "affected", "versionType": "semver" } ], "programRoutines": [ { "name": "Certificate.buildChains" }, { "name": "Certificate.Verify" } ], "defaultStatus": "unaffected" } ], "problemTypes": [ { "descriptions": [ { "lang": "en", "description": "CWE-770: Allocation of Resources Without Limits or Throttling" } ] } ], "references": [ { "url": "https://go.dev/cl/758320" }, { "url": "https://go.dev/issue/78282" }, { "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU" }, { "url": "https://pkg.go.dev/vuln/GO-2026-4947" } ], "credits": [ { "lang": "en", "value": "Jakub Ciolek - https://ciolek.dev" } ] }, "adp": [ { "problemTypes": [ { "descriptions": [ { "type": "CWE", "cweId": "CWE-770", "lang": "en", "description": "CWE-770 Allocation of Resources Without Limits or Throttling" } ] } ], "metrics": [ { "cvssV3_1": { "scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE" } }, { "other": { "type": "ssvc", "content": { "timestamp": "2026-04-08T17:46:14.569488Z", "id": "CVE-2026-32280", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T17:46:47.347Z" } }, { "affected": [ { "cpes": [ "cpe:/a:redhat:ansible_automation_platform:2.6::el10", "cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10" ], "defaultStatus": "affected", "product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:rhel_els:7" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux Server (v. 7 ELS)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ansible_automation_platform:2.5::el8", "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8", "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8" ], "defaultStatus": "affected", "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.14::el8", "cpe:/a:redhat:openshift:4.14::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.14", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.15::el8", "cpe:/a:redhat:openshift:4.15::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.15", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.17::el8", "cpe:/a:redhat:openshift:4.17::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.17", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.18::el8", "cpe:/a:redhat:openshift:4.18::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.18", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:satellite:6.16::el8", "cpe:/a:redhat:satellite_capsule:6.16::el8", "cpe:/a:redhat:satellite_maintenance:6.16::el8", "cpe:/a:redhat:satellite_utils:6.16::el8" ], "defaultStatus": "affected", "product": "Red Hat Satellite 6.16 for RHEL 8", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ansible_automation_platform:2.5::el9", "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9", "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9" ], "defaultStatus": "affected", "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ansible_automation_platform:2.6::el9", "cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9", "cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9" ], "defaultStatus": "affected", "product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:cryostat:4::el9" ], "defaultStatus": "affected", "product": "Cryostat 4 on RHEL 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:edge_manager:1.0::el9" ], "defaultStatus": "affected", "product": "RHEM 1.0 for RHEL 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openstack:17.1", "cpe:/a:redhat:openstack:17.1::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenStack Platform 17.1", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4.19::el8", "cpe:/a:redhat:openshift:4.19::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4.19", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:satellite:6.16::el9", "cpe:/a:redhat:satellite_capsule:6.16::el9", "cpe:/a:redhat:satellite_maintenance:6.16::el9", "cpe:/a:redhat:satellite_utils:6.16::el9" ], "defaultStatus": "affected", "product": "Red Hat Satellite 6.16 for RHEL 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:satellite:6.19::el9", "cpe:/a:redhat:satellite_capsule:6.19::el9", "cpe:/a:redhat:satellite_maintenance:6.19::el9", "cpe:/a:redhat:satellite_utils:6.19::el9" ], "defaultStatus": "affected", "product": "Red Hat Satellite 6.19 for RHEL 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.1", "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream (v. 8)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:8.6::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_e4s:9.4::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.6::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AppStream (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux_eus:10.0" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10.2" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhel_eus:9.6::crb" ], "defaultStatus": "affected", "product": "Red Hat CodeReady Linux Builder EUS (v.9.6)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9" ], "defaultStatus": "affected", "product": "Custom Metric Autoscaler 2.19", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:apache_camel_hawtio:4.4::el9" ], "defaultStatus": "affected", "product": "HawtIO HawtIO 4.4.0", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:logging:6.0::el9" ], "defaultStatus": "affected", "product": "Logging Subsystem for Red Hat OpenShift 6.0", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:logging:6.4::el9" ], "defaultStatus": "affected", "product": "Logging Subsystem for Red Hat OpenShift 6.4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_globalhub:1.4::el9" ], "defaultStatus": "affected", "product": "Multicluster Global Hub 1.4.5", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_globalhub:1.5::el9" ], "defaultStatus": "affected", "product": "Multicluster Global Hub 1.5.4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_globalhub:1.6::el9" ], "defaultStatus": "affected", "product": "Multicluster Global Hub 1.6.2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:network_observ_optr:1.11::el9" ], "defaultStatus": "affected", "product": "Network Observability (NETOBSERV) 1.11.2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_api_data_protection:1.4::el9" ], "defaultStatus": "affected", "product": "OpenShift API for Data Protection 1.4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_api_data_protection:1.5::el9" ], "defaultStatus": "affected", "product": "OpenShift API for Data Protection 1.5", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_compliance_operator:1::el9" ], "defaultStatus": "affected", "product": "OpenShift Compliance Operator 1", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:acm:2.14::el9" ], "defaultStatus": "affected", "product": "Red Hat Advanced Cluster Management for Kubernetes 2.14", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.10::el8" ], "defaultStatus": "affected", "product": "Red Hat Advanced Cluster Security for Kubernetes 4.10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:advanced_cluster_security:4.9::el8" ], "defaultStatus": "affected", "product": "Red Hat Advanced Cluster Security for Kubernetes 4.9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ansible_automation_platform:2.6::el9" ], "defaultStatus": "affected", "product": "Red Hat Ansible Automation Platform 2.6", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhdh:1.8::el9" ], "defaultStatus": "affected", "product": "Red Hat Developer Hub 1.8", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhdh:1.9::el9" ], "defaultStatus": "affected", "product": "Red Hat Developer Hub 1.9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:edge_manager:1.0::el9" ], "defaultStatus": "affected", "product": "Red Hat Edge Manager 1.0", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9" ], "defaultStatus": "affected", "product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_ai:2.25::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift AI 2.25", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_builds:1.7::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Builds 1.7.4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_devspaces:3.28::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Dev Spaces 3.28", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:2.6::el8" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Service Mesh 2.6", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:3.1::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Service Mesh 3.1", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:3.2::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Service Mesh 3.2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:3.3::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Service Mesh 3.3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:3.0::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Service Mesh 3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_distributed_tracing:3.9::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenShift distributed tracing 3.9.3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:stf:1.5::el9" ], "defaultStatus": "affected", "product": "Red Hat OpenStack 1.5", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3.10::el8" ], "defaultStatus": "affected", "product": "Red Hat Quay 3.10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3.14::el8" ], "defaultStatus": "affected", "product": "Red Hat Quay 3.14", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3.15::el8" ], "defaultStatus": "affected", "product": "Red Hat Quay 3.15", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3.16::el9" ], "defaultStatus": "affected", "product": "Red Hat Quay 3.16", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3.17::el9" ], "defaultStatus": "affected", "product": "Red Hat Quay 3.17", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3.9::el8" ], "defaultStatus": "affected", "product": "Red Hat Quay 3.9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:trusted_artifact_signer:1.3::el9" ], "defaultStatus": "affected", "product": "Red Hat Trusted Artifact Signer 1.3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:webterminal:1.11::el9" ], "defaultStatus": "affected", "product": "Red Hat Web Terminal 1.11", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:webterminal:1.12::el9" ], "defaultStatus": "affected", "product": "Red Hat Web Terminal 1.12", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:webterminal:1.13::el9" ], "defaultStatus": "affected", "product": "Red Hat Web Terminal 1.13", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:webterminal:1.14::el9" ], "defaultStatus": "affected", "product": "Red Hat Web Terminal 1.14", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:webterminal:1.15::el9" ], "defaultStatus": "affected", "product": "Red Hat Web Terminal 1.15", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:mirror_registry:2.0::el8" ], "defaultStatus": "affected", "product": "mirror registry for Red Hat OpenShift 2.0", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_engine:2.10::el9" ], "defaultStatus": "affected", "product": "multicluster engine for Kubernetes 2.10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_engine:2.11::el9" ], "defaultStatus": "affected", "product": "multicluster engine for Kubernetes 2.11", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_engine:2.17::el9" ], "defaultStatus": "affected", "product": "multicluster engine for Kubernetes 2.17", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_engine:2.6::el8" ], "defaultStatus": "affected", "product": "multicluster engine for Kubernetes 2.6", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_engine:2.8::el8" ], "defaultStatus": "affected", "product": "multicluster engine for Kubernetes 2.8", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:assisted_installer:2" ], "defaultStatus": "affected", "product": "Assisted Installer for Red Hat OpenShift Container Platform 2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:cert_manager:1" ], "defaultStatus": "affected", "product": "cert-manager Operator for Red Hat OpenShift", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:confidential_compute_attestation:1" ], "defaultStatus": "affected", "product": "Confidential Compute Attestation", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:deployment_validator_operator" ], "defaultStatus": "affected", "product": "Deployment Validation Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:external_secrets_operator:1" ], "defaultStatus": "affected", "product": "External Secrets Operator for Red Hat OpenShift", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ext_dns_optr:1" ], "defaultStatus": "affected", "product": "ExternalDNS Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:workload_availability_far:0" ], "defaultStatus": "affected", "product": "Fence Agents Remediation Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_file_integrity_operator:1" ], "defaultStatus": "affected", "product": "File Integrity Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:gatekeeper:3" ], "defaultStatus": "affected", "product": "Gatekeeper 3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:logging:5" ], "defaultStatus": "affected", "product": "Logging Subsystem for Red Hat OpenShift", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:lvms:4" ], "defaultStatus": "affected", "product": "Logical Volume Manager Storage", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:workload_availability_mdr:0" ], "defaultStatus": "affected", "product": "Machine Deletion Remediation Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:rhmt:1" ], "defaultStatus": "affected", "product": "Migration Toolkit for Containers", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:mirror_registry:1" ], "defaultStatus": "affected", "product": "mirror registry for Red Hat OpenShift", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:multicluster_engine" ], "defaultStatus": "affected", "product": "Multicluster Engine for Kubernetes", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ocp_tools" ], "defaultStatus": "affected", "product": "OpenShift Developer Tools and Services", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_lightspeed" ], "defaultStatus": "affected", "product": "OpenShift Lightspeed", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_pipelines:1" ], "defaultStatus": "affected", "product": "OpenShift Pipelines", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:serverless:1" ], "defaultStatus": "affected", "product": "OpenShift Serverless", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:red_hat_3scale_amp:2" ], "defaultStatus": "affected", "product": "Red Hat 3scale API Management Platform 2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:acm:2" ], "defaultStatus": "affected", "product": "Red Hat Advanced Cluster Management for Kubernetes 2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ai_inference_server:3" ], "defaultStatus": "affected", "product": "Red Hat AI Inference Server", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:certifications:9" ], "defaultStatus": "affected", "product": "Red Hat Certification Program for Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:connectivity_link:1" ], "defaultStatus": "affected", "product": "Red Hat Connectivity Link 1", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:10" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 10", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:enterprise_linux_ai:3" ], "defaultStatus": "affected", "product": "Red Hat Enterprise Linux AI (RHEL AI) 3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_ai" ], "defaultStatus": "affected", "product": "Red Hat OpenShift AI (RHOAI)", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_cluster_manager_cli:1" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Cluster Manager CLI", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift:4" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Container Platform 4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4" ], "defaultStatus": "affected", "product": "Red Hat Openshift Data Foundation 4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:devworkspace" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Dev Workspaces Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_gitops:1" ], "defaultStatus": "affected", "product": "Red Hat OpenShift GitOps", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_service_on_aws:1" ], "defaultStatus": "affected", "product": "Red Hat OpenShift on AWS", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:container_native_virtualization:4" ], "defaultStatus": "affected", "product": "Red Hat OpenShift Virtualization 4", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openstack:16.2" ], "defaultStatus": "affected", "product": "Red Hat OpenStack Platform 16.2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openstack:18.0" ], "defaultStatus": "affected", "product": "Red Hat OpenStack Platform 18.0", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:satellite:6" ], "defaultStatus": "affected", "product": "Red Hat Satellite 6", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_security_profiles_operator:1" ], "defaultStatus": "affected", "product": "Security Profiles Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:zero_trust_workload_identity_manager:1" ], "defaultStatus": "affected", "product": "Zero Trust Workload Identity Manager", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:zero_trust_workload_identity_manager:0" ], "defaultStatus": "affected", "product": "Zero Trust Workload Identity Manager - Tech Preview", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:migration_toolkit_applications:8" ], "defaultStatus": "unaffected", "product": "Migration Toolkit for Applications 8", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:workload_availability_nhc:0" ], "defaultStatus": "unaffected", "product": "Node HealthCheck Operator", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:2" ], "defaultStatus": "unaffected", "product": "OpenShift Service Mesh 2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_mesh:3" ], "defaultStatus": "unaffected", "product": "OpenShift Service Mesh 3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:openshift_power_monitoring" ], "defaultStatus": "unaffected", "product": "Power monitoring for Red Hat OpenShift", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:ansible_automation_platform:2" ], "defaultStatus": "unaffected", "product": "Red Hat Ansible Automation Platform 2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:hummingbird:1" ], "defaultStatus": "unaffected", "product": "Red Hat Hardened Images", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:windows_machine_config" ], "defaultStatus": "unaffected", "product": "Red Hat OpenShift for Windows Containers", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:quay:3" ], "defaultStatus": "unaffected", "product": "Red Hat Quay 3", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_interconnect:1" ], "defaultStatus": "unaffected", "product": "Red Hat Service Interconnect 1", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:service_interconnect:2" ], "defaultStatus": "unaffected", "product": "Red Hat Service Interconnect 2", "vendor": "Red Hat" }, { "cpes": [ "cpe:/a:redhat:amq_streams:3" ], "defaultStatus": "unaffected", "product": "streams for Apache Kafka 3", "vendor": "Red Hat" } ], "datePublic": "2026-04-08T01:06:58.595Z", "descriptions": [ { "lang": "en", "value": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "references": [ { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2026-32280" }, { "name": "RHBZ#2456339", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339" }, { "tags": [ "x_sadp-csaf-vex" ], "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32280.json" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24762" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16101" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24761" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28886" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28961" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:34097" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21655" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:25180" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:27076" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:14391" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:36796" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28047" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23244" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:34365" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20569" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23103" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19715" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16024" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19550" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:18032" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:18027" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:17084" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19719" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19750" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20570" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22713" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19714" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20571" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19450" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:10217" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:29195" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23102" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19133" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22141" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19144" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19135" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24470" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22130" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:29035" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24716" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:33722" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:10704" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16875" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:11507" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:11514" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:15980" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19634" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:34192" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:34196" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:34197" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19721" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20607" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20608" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19722" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16021" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20556" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19839" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28038" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19720" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22709" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:17287" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24337" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20609" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:14200" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:10219" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:29455" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:29703" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19350" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19353" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:26447" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22309" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:29702" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28074" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:26636" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:25089" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:26585" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22862" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22347" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21769" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23345" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16874" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:29854" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:26568" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:26571" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:25127" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:13829" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:20889" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:13791" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:36319" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:13545" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21338" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:13826" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:36651" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22485" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24977" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24359" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21772" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:11688" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16476" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16505" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16532" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16508" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16535" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16537" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16542" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16477" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:16534" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:14162" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:9385" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:14020" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22840" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:21017" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24853" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:19375" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22465" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:23361" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:24478" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22960" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22958" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22962" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22959" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22961" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28441" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22422" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22268" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22415" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28198" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:28196" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22258" }, { "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2026:22260" } ], "solutions": [ { "lang": "en", "value": "RHSA-2026:24762: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9" }, { "lang": "en", "value": "RHSA-2026:16101: Red Hat Enterprise Linux Server (v. 7 ELS)" }, { "lang": "en", "value": "RHSA-2026:24761: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9" }, { "lang": "en", "value": "RHSA-2026:28886: Red Hat OpenShift Container Platform 4.14" }, { "lang": "en", "value": "RHSA-2026:28961: Red Hat OpenShift Container Platform 4.15" }, { "lang": "en", "value": "RHSA-2026:34097: Red Hat OpenShift Container Platform 4.17" }, { "lang": "en", "value": "RHSA-2026:21655: Red Hat OpenShift Container Platform 4.18" }, { "lang": "en", "value": "RHSA-2026:25180: Red Hat OpenShift Container Platform 4.18" }, { "lang": "en", "value": "RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9" }, { "lang": "en", "value": "RHSA-2026:14391: Cryostat 4 on RHEL 9" }, { "lang": "en", "value": "RHSA-2026:36796: RHEM 1.0 for RHEL 9" }, { "lang": "en", "value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1" }, { "lang": "en", "value": "RHSA-2026:23244: Red Hat OpenShift Container Platform 4.19" }, { "lang": "en", "value": "RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9" }, { "lang": "en", "value": "RHSA-2026:20569: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:23103: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19715: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:16024: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19550: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:18032: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:18027: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:20570: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:22713: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19714: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:20571: Red Hat Enterprise Linux AppStream EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:19450: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)" }, { "lang": "en", "value": "RHSA-2026:10217: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:23102: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:22141: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:19144: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:24470: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)" }, { "lang": "en", "value": "RHSA-2026:22130: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)" }, { "lang": "en", "value": "RHSA-2026:24716: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)" }, { "lang": "en", "value": "RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)" }, { "lang": "en", "value": "RHSA-2026:10704: Red Hat Enterprise Linux AppStream (v. 8)" }, { "lang": "en", "value": "RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)" }, { "lang": "en", "value": "RHSA-2026:11507: Red Hat Enterprise Linux AppStream (v. 8)" }, { "lang": "en", "value": "RHSA-2026:11514: Red Hat Enterprise Linux AppStream (v. 8)" }, { "lang": "en", "value": "RHSA-2026:15980: Red Hat Enterprise Linux AppStream (v. 8)" }, { "lang": "en", "value": "RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)" }, { "lang": "en", "value": "RHSA-2026:34192: Red Hat Enterprise Linux AppStream E4S (v.9.4)" }, { "lang": "en", "value": "RHSA-2026:34196: Red Hat Enterprise Linux AppStream E4S (v.9.4)" }, { "lang": "en", "value": "RHSA-2026:34197: Red Hat Enterprise Linux AppStream E4S (v.9.4)" }, { "lang": "en", "value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)" }, { "lang": "en", "value": "RHSA-2026:20607: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:20608: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:19722: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:16021: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:20556: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:19839: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:28038: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:22709: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:24337: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:20609: Red Hat Enterprise Linux AppStream EUS (v.9.6)" }, { "lang": "en", "value": "RHSA-2026:14200: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:10219: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:26447: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:22309: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)" }, { "lang": "en", "value": "RHSA-2026:29702: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:28074: Red Hat Enterprise Linux AppStream (v. 9)" }, { "lang": "en", "value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19" }, { "lang": "en", "value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0" }, { "lang": "en", "value": "RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0" }, { "lang": "en", "value": "RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4" }, { "lang": "en", "value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5" }, { "lang": "en", "value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4" }, { "lang": "en", "value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2" }, { "lang": "en", "value": "RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2" }, { "lang": "en", "value": "RHSA-2026:29854: OpenShift API for Data Protection 1.4" }, { "lang": "en", "value": "RHSA-2026:26568: OpenShift API for Data Protection 1.5" }, { "lang": "en", "value": "RHSA-2026:26571: OpenShift Compliance Operator 1" }, { "lang": "en", "value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14" }, { "lang": "en", "value": "RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10" }, { "lang": "en", "value": "RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10" }, { "lang": "en", "value": "RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9" }, { "lang": "en", "value": "RHSA-2026:36319: Red Hat Advanced Cluster Security for Kubernetes 4.9" }, { "lang": "en", "value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6" }, { "lang": "en", "value": "RHSA-2026:21338: Red Hat Developer Hub 1.8" }, { "lang": "en", "value": "RHSA-2026:13826: Red Hat Developer Hub 1.9" }, { "lang": "en", "value": "RHSA-2026:36651: Red Hat Edge Manager 1.0" }, { "lang": "en", "value": "RHSA-2026:22485: Red Hat Lightspeed (formerly Insights) for Runtimes 1" }, { "lang": "en", "value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25" }, { "lang": "en", "value": "RHSA-2026:24359: Red Hat OpenShift Builds 1.7.4" }, { "lang": "en", "value": "RHSA-2026:21772: Red Hat OpenShift Dev Spaces 3.28" }, { "lang": "en", "value": "RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6" }, { "lang": "en", "value": "RHSA-2026:16476: Red Hat OpenShift Service Mesh 2.6" }, { "lang": "en", "value": "RHSA-2026:16505: Red Hat OpenShift Service Mesh 3.1" }, { "lang": "en", "value": "RHSA-2026:16532: Red Hat OpenShift Service Mesh 3.1" }, { "lang": "en", "value": "RHSA-2026:16508: Red Hat OpenShift Service Mesh 3.2" }, { "lang": "en", "value": "RHSA-2026:16535: Red Hat OpenShift Service Mesh 3.2" }, { "lang": "en", "value": "RHSA-2026:16537: Red Hat OpenShift Service Mesh 3.3" }, { "lang": "en", "value": "RHSA-2026:16542: Red Hat OpenShift Service Mesh 3.3" }, { "lang": "en", "value": "RHSA-2026:16477: Red Hat OpenShift Service Mesh 3" }, { "lang": "en", "value": "RHSA-2026:16534: Red Hat OpenShift Service Mesh 3" }, { "lang": "en", "value": "RHSA-2026:14162: Red Hat OpenShift distributed tracing 3.9.3" }, { "lang": "en", "value": "RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3" }, { "lang": "en", "value": "RHSA-2026:14020: Red Hat OpenStack 1.5" }, { "lang": "en", "value": "RHSA-2026:22840: Red Hat Quay 3.10" }, { "lang": "en", "value": "RHSA-2026:21017: Red Hat Quay 3.14" }, { "lang": "en", "value": "RHSA-2026:24853: Red Hat Quay 3.15" }, { "lang": "en", "value": "RHSA-2026:19375: Red Hat Quay 3.16" }, { "lang": "en", "value": "RHSA-2026:22465: Red Hat Quay 3.17" }, { "lang": "en", "value": "RHSA-2026:23361: Red Hat Quay 3.9" }, { "lang": "en", "value": "RHSA-2026:24478: Red Hat Trusted Artifact Signer 1.3" }, { "lang": "en", "value": "RHSA-2026:22960: Red Hat Web Terminal 1.11" }, { "lang": "en", "value": "RHSA-2026:22958: Red Hat Web Terminal 1.12" }, { "lang": "en", "value": "RHSA-2026:22962: Red Hat Web Terminal 1.13" }, { "lang": "en", "value": "RHSA-2026:22959: Red Hat Web Terminal 1.14" }, { "lang": "en", "value": "RHSA-2026:22961: Red Hat Web Terminal 1.15" }, { "lang": "en", "value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0" }, { "lang": "en", "value": "RHSA-2026:22422: multicluster engine for Kubernetes 2.10" }, { "lang": "en", "value": "RHSA-2026:22268: multicluster engine for Kubernetes 2.11" }, { "lang": "en", "value": "RHSA-2026:22415: multicluster engine for Kubernetes 2.17" }, { "lang": "en", "value": "RHSA-2026:28198: multicluster engine for Kubernetes 2.6" }, { "lang": "en", "value": "RHSA-2026:28196: multicluster engine for Kubernetes 2.6" }, { "lang": "en", "value": "RHSA-2026:22258: multicluster engine for Kubernetes 2.8" }, { "lang": "en", "value": "RHSA-2026:22260: multicluster engine for Kubernetes 2.8" } ], "timeline": [ { "lang": "en", "time": "2026-04-08T02:01:19.572Z", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2026-04-08T01:06:58.595Z", "value": "Made public." } ], "title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building", "x_adpType": "supplier", "x_generator": { "engine": "sadp-cli 1.0.0" }, "providerMetadata": { "orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c", "shortName": "redhat-SADP", "dateUpdated": "2026-07-10T12:05:46.414Z" } } ] } }