[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2026:20085-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":26,"duplicates":27,"related":28,"reserved_at":9,"published_at":35,"modified_at":36,"state":9,"summary":37,"references_raw":39,"kevs":95,"epss":9,"epss_history":96,"metrics":97,"affected":98},"OPENSUSE-SU-2026:20085-1","Security update for go1.25\n\nThis update for go1.25 fixes the following issues:\n\nUpdate to go1.25.6 (released 2026-01-15) (bsc#1244485)\n\nSecurity fixes:\n\n - CVE-2025-61730: crypto/tls: handshake messages may be processed at the incorrect encryption level (bsc#1256821).\n - CVE-2025-68119: cmd/go: unexpected code execution when invoking toolchain (bsc#1256820).\n - CVE-2025-61731: cmd/go: bypass of flag sanitization can lead to arbitrary code execution (bsc#1256819).\n - CVE-2025-61726: net/http: memory exhaustion in Request.ParseForm (bsc#1256817).\n - CVE-2025-61728: archive/zip: denial of service when parsing arbitrary ZIP archives (bsc#1256816).\n - CVE-2025-68121: crypto/tls: Config.Clone copies automatically generated session ticket keys, session resumption does not account for the expiration of full certificate chain (bsc#1256818).\n\nOther fixes:\n\n  * go#76392 os: package initialization hangs is Stdin is blocked\n  * go#76409 crypto/tls: earlyTrafficSecret should use ClientHelloInner if ECH enabled\n  * go#76620 os: on Unix, Readdirnames skips directory entries with zero inodes\n  * go#76761 runtime: stack split at bad time in os/signal with Go 1.25.4 windows 386\n  * go#76776 runtime: race detector crash on ppc64le\n  * go#76967 cmd/compile/internal/ssa: Compile.func1(): panic during sccp while compiling &lt;function&gt;: runtime error: index out of range\n  * go#76973 errors: errors.Join behavior changed in 1.25\n",null,[],[],[],[14,16,18,20,22,24],{"_key":15},"CVE-2025-61726",{"_key":17},"CVE-2025-61728",{"_key":19},"CVE-2025-61730",{"_key":21},"CVE-2025-61731",{"_key":23},"CVE-2025-68119",{"_key":25},"CVE-2025-68121",[],[],[29,30,31,32,33,34],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},"2026-01-22T15:49:20Z","2026-03-23T04:54:43.239091Z",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[40,46,50,54,58,62,66,70,75,79,83,87,91],{"url":41,"sources":42,"tags":44},"https://bugzilla.suse.com/1244485",[43],"osv_opensuse",[45],"REPORT",{"url":47,"sources":48,"tags":49},"https://bugzilla.suse.com/1256816",[43],[45],{"url":51,"sources":52,"tags":53},"https://bugzilla.suse.com/1256817",[43],[45],{"url":55,"sources":56,"tags":57},"https://bugzilla.suse.com/1256818",[43],[45],{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1256819",[43],[45],{"url":63,"sources":64,"tags":65},"https://bugzilla.suse.com/1256820",[43],[45],{"url":67,"sources":68,"tags":69},"https://bugzilla.suse.com/1256821",[43],[45],{"url":71,"sources":72,"tags":73},"https://www.suse.com/security/cve/CVE-2025-61726",[43],[74],"WEB",{"url":76,"sources":77,"tags":78},"https://www.suse.com/security/cve/CVE-2025-61728",[43],[74],{"url":80,"sources":81,"tags":82},"https://www.suse.com/security/cve/CVE-2025-61730",[43],[74],{"url":84,"sources":85,"tags":86},"https://www.suse.com/security/cve/CVE-2025-61731",[43],[74],{"url":88,"sources":89,"tags":90},"https://www.suse.com/security/cve/CVE-2025-68119",[43],[74],{"url":92,"sources":93,"tags":94},"https://www.suse.com/security/cve/CVE-2025-68121",[43],[74],[],[],[],[99],{"ecosystem":100,"name":101,"vendor":102,"product":103,"cpe_part":9,"purl_type":104,"purl_namespace":102,"purl_name":103,"source":9,"versions":105},"openSUSE","go1.25","opensuse","go1.25&distro=openSUSE Leap 16.0","rpm",[106],{"version":107,"is_range":108,"range_type":109,"version_start":9,"version_start_type":9,"version_end":110,"version_end_type":111,"fixed_in":9},"lt1_25_6_160000_1_1",true,"ecosystem","1.25.6-160000.1.1","excluding"]