{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"go1.24-1.24.12-1.1 on GA media","title":"Title of the patch"},{"category":"description","text":"These are all security issues fixed in the go1.24-1.24.12-1.1 package on the GA media of openSUSE Tumbleweed.","title":"Description of the patch"},{"category":"details","text":"openSUSE-Tumbleweed-2026-10063","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10063-1.json"},{"category":"self","summary":"SUSE CVE CVE-2025-61726 page","url":"https://www.suse.com/security/cve/CVE-2025-61726/"},{"category":"self","summary":"SUSE CVE CVE-2025-61728 page","url":"https://www.suse.com/security/cve/CVE-2025-61728/"},{"category":"self","summary":"SUSE CVE CVE-2025-61730 page","url":"https://www.suse.com/security/cve/CVE-2025-61730/"},{"category":"self","summary":"SUSE CVE CVE-2025-61731 page","url":"https://www.suse.com/security/cve/CVE-2025-61731/"},{"category":"self","summary":"SUSE CVE CVE-2025-68119 page","url":"https://www.suse.com/security/cve/CVE-2025-68119/"},{"category":"self","summary":"SUSE CVE CVE-2025-68121 page","url":"https://www.suse.com/security/cve/CVE-2025-68121/"}],"title":"go1.24-1.24.12-1.1 on GA media","tracking":{"current_release_date":"2026-01-18T00:00:00Z","generator":{"date":"2026-01-18T00:00:00Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"openSUSE-SU-2026:10063-1","initial_release_date":"2026-01-18T00:00:00Z","revision_history":[{"date":"2026-01-18T00:00:00Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"go1.24-1.24.12-1.1.aarch64","product":{"name":"go1.24-1.24.12-1.1.aarch64","product_id":"go1.24-1.24.12-1.1.aarch64"}},{"category":"product_version","name":"go1.24-doc-1.24.12-1.1.aarch64","product":{"name":"go1.24-doc-1.24.12-1.1.aarch64","product_id":"go1.24-doc-1.24.12-1.1.aarch64"}},{"category":"product_version","name":"go1.24-libstd-1.24.12-1.1.aarch64","product":{"name":"go1.24-libstd-1.24.12-1.1.aarch64","product_id":"go1.24-libstd-1.24.12-1.1.aarch64"}},{"category":"product_version","name":"go1.24-race-1.24.12-1.1.aarch64","product":{"name":"go1.24-race-1.24.12-1.1.aarch64","product_id":"go1.24-race-1.24.12-1.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"go1.24-1.24.12-1.1.ppc64le","product":{"name":"go1.24-1.24.12-1.1.ppc64le","product_id":"go1.24-1.24.12-1.1.ppc64le"}},{"category":"product_version","name":"go1.24-doc-1.24.12-1.1.ppc64le","product":{"name":"go1.24-doc-1.24.12-1.1.ppc64le","product_id":"go1.24-doc-1.24.12-1.1.ppc64le"}},{"category":"product_version","name":"go1.24-libstd-1.24.12-1.1.ppc64le","product":{"name":"go1.24-libstd-1.24.12-1.1.ppc64le","product_id":"go1.24-libstd-1.24.12-1.1.ppc64le"}},{"category":"product_version","name":"go1.24-race-1.24.12-1.1.ppc64le","product":{"name":"go1.24-race-1.24.12-1.1.ppc64le","product_id":"go1.24-race-1.24.12-1.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"go1.24-1.24.12-1.1.s390x","product":{"name":"go1.24-1.24.12-1.1.s390x","product_id":"go1.24-1.24.12-1.1.s390x"}},{"category":"product_version","name":"go1.24-doc-1.24.12-1.1.s390x","product":{"name":"go1.24-doc-1.24.12-1.1.s390x","product_id":"go1.24-doc-1.24.12-1.1.s390x"}},{"category":"product_version","name":"go1.24-libstd-1.24.12-1.1.s390x","product":{"name":"go1.24-libstd-1.24.12-1.1.s390x","product_id":"go1.24-libstd-1.24.12-1.1.s390x"}},{"category":"product_version","name":"go1.24-race-1.24.12-1.1.s390x","product":{"name":"go1.24-race-1.24.12-1.1.s390x","product_id":"go1.24-race-1.24.12-1.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"go1.24-1.24.12-1.1.x86_64","product":{"name":"go1.24-1.24.12-1.1.x86_64","product_id":"go1.24-1.24.12-1.1.x86_64"}},{"category":"product_version","name":"go1.24-doc-1.24.12-1.1.x86_64","product":{"name":"go1.24-doc-1.24.12-1.1.x86_64","product_id":"go1.24-doc-1.24.12-1.1.x86_64"}},{"category":"product_version","name":"go1.24-libstd-1.24.12-1.1.x86_64","product":{"name":"go1.24-libstd-1.24.12-1.1.x86_64","product_id":"go1.24-libstd-1.24.12-1.1.x86_64"}},{"category":"product_version","name":"go1.24-race-1.24.12-1.1.x86_64","product":{"name":"go1.24-race-1.24.12-1.1.x86_64","product_id":"go1.24-race-1.24.12-1.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"openSUSE Tumbleweed","product":{"name":"openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed","product_identification_helper":{"cpe":"cpe:/o:opensuse:tumbleweed"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"go1.24-1.24.12-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64"},"product_reference":"go1.24-1.24.12-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-1.24.12-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le"},"product_reference":"go1.24-1.24.12-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-1.24.12-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x"},"product_reference":"go1.24-1.24.12-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-1.24.12-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64"},"product_reference":"go1.24-1.24.12-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-doc-1.24.12-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64"},"product_reference":"go1.24-doc-1.24.12-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-doc-1.24.12-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le"},"product_reference":"go1.24-doc-1.24.12-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-doc-1.24.12-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x"},"product_reference":"go1.24-doc-1.24.12-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-doc-1.24.12-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64"},"product_reference":"go1.24-doc-1.24.12-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-libstd-1.24.12-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64"},"product_reference":"go1.24-libstd-1.24.12-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-libstd-1.24.12-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le"},"product_reference":"go1.24-libstd-1.24.12-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-libstd-1.24.12-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x"},"product_reference":"go1.24-libstd-1.24.12-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-libstd-1.24.12-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64"},"product_reference":"go1.24-libstd-1.24.12-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-race-1.24.12-1.1.aarch64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64"},"product_reference":"go1.24-race-1.24.12-1.1.aarch64","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-race-1.24.12-1.1.ppc64le as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le"},"product_reference":"go1.24-race-1.24.12-1.1.ppc64le","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-race-1.24.12-1.1.s390x as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x"},"product_reference":"go1.24-race-1.24.12-1.1.s390x","relates_to_product_reference":"openSUSE Tumbleweed"},{"category":"default_component_of","full_product_name":{"name":"go1.24-race-1.24.12-1.1.x86_64 as component of openSUSE Tumbleweed","product_id":"openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"},"product_reference":"go1.24-race-1.24.12-1.1.x86_64","relates_to_product_reference":"openSUSE Tumbleweed"}]},"vulnerabilities":[{"cve":"CVE-2025-61726","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-61726"}],"notes":[{"category":"general","text":"The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-61726","url":"https://www.suse.com/security/cve/CVE-2025-61726"},{"category":"external","summary":"SUSE Bug 1256817 for CVE-2025-61726","url":"https://bugzilla.suse.com/1256817"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":6.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2026-01-18T00:00:00Z","details":"moderate"}],"title":"CVE-2025-61726"},{"cve":"CVE-2025-61728","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-61728"}],"notes":[{"category":"general","text":"archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-61728","url":"https://www.suse.com/security/cve/CVE-2025-61728"},{"category":"external","summary":"SUSE Bug 1256816 for CVE-2025-61728","url":"https://bugzilla.suse.com/1256816"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":5.5,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2026-01-18T00:00:00Z","details":"moderate"}],"title":"CVE-2025-61728"},{"cve":"CVE-2025-61730","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-61730"}],"notes":[{"category":"general","text":"During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-61730","url":"https://www.suse.com/security/cve/CVE-2025-61730"},{"category":"external","summary":"SUSE Bug 1256821 for CVE-2025-61730","url":"https://bugzilla.suse.com/1256821"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":3.7,"baseSeverity":"LOW","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"products":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2026-01-18T00:00:00Z","details":"moderate"}],"title":"CVE-2025-61730"},{"cve":"CVE-2025-61731","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-61731"}],"notes":[{"category":"general","text":"Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The \"#cgo pkg-config:\" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a \"--log-file\" argument to this directive, causing pkg-config to write to an attacker-controlled location.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-61731","url":"https://www.suse.com/security/cve/CVE-2025-61731"},{"category":"external","summary":"SUSE Bug 1256819 for CVE-2025-61731","url":"https://bugzilla.suse.com/1256819"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2026-01-18T00:00:00Z","details":"important"}],"title":"CVE-2025-61731"},{"cve":"CVE-2025-68119","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-68119"}],"notes":[{"category":"general","text":"Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom domains) can cause unexpected code execution due to how external VCS commands are constructed. This issue can also be triggered by providing a malicious version string to the toolchain. On systems with Git installed, downloading and building modules with malicious version strings can allow an attacker to write to arbitrary files on the filesystem. This can only be triggered by explicitly providing the malicious version strings to the toolchain and does not affect usage of @latest or bare module paths.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-68119","url":"https://www.suse.com/security/cve/CVE-2025-68119"},{"category":"external","summary":"SUSE Bug 1256820 for CVE-2025-68119","url":"https://bugzilla.suse.com/1256820"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2026-01-18T00:00:00Z","details":"important"}],"title":"CVE-2025-68119"},{"cve":"CVE-2025-68121","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2025-68121"}],"notes":[{"category":"general","text":"During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.","title":"CVE description"}],"product_status":{"recommended":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2025-68121","url":"https://www.suse.com/security/cve/CVE-2025-68121"},{"category":"external","summary":"SUSE Bug 1256818 for CVE-2025-68121","url":"https://bugzilla.suse.com/1256818"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.4,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","version":"3.1"},"products":["openSUSE Tumbleweed:go1.24-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-doc-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-libstd-1.24.12-1.1.x86_64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.aarch64","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.ppc64le","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.s390x","openSUSE Tumbleweed:go1.24-race-1.24.12-1.1.x86_64"]}],"threats":[{"category":"impact","date":"2026-01-18T00:00:00Z","details":"important"}],"title":"CVE-2025-68121"}]}