VDB

RHSA-2026%3A20608

RHSA-2026%3A20608 PUBLISHED CVSS 7.5 HIGH

A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Red Hatcontainernetworking-plugins-debugsource-1:1.6.2-3.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-debugsource-1:1.6.2-3.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-debuginfo-1:1.6.2-3.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-1:1.6.2-3.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-1:1.6.2-3.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
golangGo
golanggo
Red Hatcontainernetworking-plugins-debuginfo-1:1.6.2-3.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins
Red Hatcontainernetworking-plugins-debugsource-1:1.6.2-3.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-debuginfo-1:1.6.2-3.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-debuginfo-1:1.6.2-3.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-debugsource-1:1.6.2-3.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-1:1.6.2-3.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-1:1.6.2-3.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9
Red Hatcontainernetworking-plugins-1:1.6.2-3.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)1.6.2-3.el9, 1.6.2-3.el9, 1.6.2-3.el9

Timeline

  • May 26, 2026 CVE Published
  • May 28, 2026 Distribution Patch
  • May 28, 2026 Distribution Patch
  • May 28, 2026 Security Advisory
  • May 28, 2026 Security Advisory
  • May 28, 2026 Security Advisory
  • Jun 23, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›