Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-34165 (GCVE-0-2026-34165)
Vulnerability from cvelistv5 – Published: 2026-03-31 13:46 – Updated: 2026-04-02 15:10
VLAI?
EPSS
Title
go-git: Maliciously crafted idx file can cause asymmetric memory consumption
Summary
go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository's .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1.
Severity ?
5 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34165",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-02T15:09:59.782648Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-02T15:10:17.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "go-git",
"vendor": "go-git",
"versions": [
{
"status": "affected",
"version": "\u003e= 5.0.0, \u003c 5.17.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository\u0027s .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191: Integer Underflow (Wrap or Wraparound)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T13:46:37.688Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp"
},
{
"name": "https://github.com/go-git/go-git/releases/tag/v5.17.1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/go-git/go-git/releases/tag/v5.17.1"
}
],
"source": {
"advisory": "GHSA-jhf3-xxhw-2wpp",
"discovery": "UNKNOWN"
},
"title": "go-git: Maliciously crafted idx file can cause asymmetric memory consumption"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34165",
"datePublished": "2026-03-31T13:46:37.688Z",
"dateReserved": "2026-03-25T20:12:04.197Z",
"dateUpdated": "2026-04-02T15:10:17.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-34165",
"date": "2026-05-07",
"epss": "6e-05",
"percentile": "0.00393"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-34165\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-31T15:16:17.343\",\"lastModified\":\"2026-04-02T16:49:16.047\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository\u0027s .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-191\"},{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:go-git_project:go-git:*:*:*:*:*:go:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.17.1\",\"matchCriteriaId\":\"E220E9FE-E976-448B-813E-87BD0E67C712\"}]}]}],\"references\":[{\"url\":\"https://github.com/go-git/go-git/releases/tag/v5.17.1\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\",\"Release Notes\"]},{\"url\":\"https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-34165\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-02T15:09:59.782648Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-02T15:10:13.682Z\"}}], \"cna\": {\"title\": \"go-git: Maliciously crafted idx file can cause asymmetric memory consumption\", \"source\": {\"advisory\": \"GHSA-jhf3-xxhw-2wpp\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"go-git\", \"product\": \"go-git\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 5.0.0, \u003c 5.17.1\"}]}], \"references\": [{\"url\": \"https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp\", \"name\": \"https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/go-git/go-git/releases/tag/v5.17.1\", \"name\": \"https://github.com/go-git/go-git/releases/tag/v5.17.1\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository\u0027s .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-191\", \"description\": \"CWE-191: Integer Underflow (Wrap or Wraparound)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770: Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-31T13:46:37.688Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-34165\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-02T15:10:17.724Z\", \"dateReserved\": \"2026-03-25T20:12:04.197Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-31T13:46:37.688Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
FKIE_CVE-2026-34165
Vulnerability from fkie_nvd - Published: 2026-03-31 15:16 - Updated: 2026-04-02 16:49
Severity ?
Summary
go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository's .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| go-git_project | go-git | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:go-git_project:go-git:*:*:*:*:*:go:*:*",
"matchCriteriaId": "E220E9FE-E976-448B-813E-87BD0E67C712",
"versionEndExcluding": "5.17.1",
"versionStartIncluding": "5.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository\u0027s .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1."
}
],
"id": "CVE-2026-34165",
"lastModified": "2026-04-02T16:49:16.047",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "security-advisories@github.com",
"type": "Secondary"
}
]
},
"published": "2026-03-31T15:16:17.343",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Product",
"Release Notes"
],
"url": "https://github.com/go-git/go-git/releases/tag/v5.17.1"
},
{
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
],
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
},
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
cleanstart-2026-ml41879
Vulnerability from cleanstart
Published
2026-04-06 02:45
Modified
2026-04-03 07:11
Summary
Security fixes for CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.0-r0, 1.14.0-r1, 1.14.1-r0
Details
Multiple security vulnerabilities affect the grafana-alloy package. These issues are resolved in later releases. See references for individual vulnerability details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "grafana-alloy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.14.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the grafana-alloy package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ML41879",
"modified": "2026-04-03T07:11:16Z",
"published": "2026-04-06T02:45:36.057138Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ML41879.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33762"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34165"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33762"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34165"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.0-r0, 1.14.0-r1, 1.14.1-r0",
"upstream": [
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25934",
"CVE-2026-26958",
"CVE-2026-32287",
"CVE-2026-33186",
"CVE-2026-33762",
"CVE-2026-34165",
"ghsa-37cx-329c-33x3",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-fw7p-63qq-7hpr"
]
}
cleanstart-2026-dq17669
Vulnerability from cleanstart
Published
2026-04-06 02:45
Modified
2026-04-03 07:13
Summary
Security fixes for CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.1-r1
Details
Multiple security vulnerabilities affect the grafana-alloy package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "grafana-alloy"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.14.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the grafana-alloy package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DQ17669",
"modified": "2026-04-03T07:13:53Z",
"published": "2026-04-06T02:45:34.659600Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DQ17669.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33762"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34165"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33762"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34165"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-32287, CVE-2026-33186, CVE-2026-33762, CVE-2026-34165, ghsa-37cx-329c-33x3, ghsa-6g7g-w4f8-9c9x, ghsa-fw7p-63qq-7hpr applied in versions: 1.13.2-r0, 1.14.1-r0, 1.14.1-r1",
"upstream": [
"CVE-2026-24051",
"CVE-2026-25934",
"CVE-2026-26958",
"CVE-2026-32287",
"CVE-2026-33186",
"CVE-2026-33762",
"CVE-2026-34165",
"ghsa-37cx-329c-33x3",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-fw7p-63qq-7hpr"
]
}
GHSA-JHF3-XXHW-2WPP
Vulnerability from github – Published: 2026-03-30 17:17 – Updated: 2026-03-31 18:50
VLAI?
Summary
go-git: Maliciously crafted idx file can cause asymmetric memory consumption
Details
Impact
A vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service (DoS) condition.
Exploitation requires write access to the local repository's .git directory, it order to create or alter existing .idx files.
Patches
Users should upgrade to v5.17.1, or the latest v6 pseudo-version, in order to mitigate this vulnerability.
Credit
The go-git maintainers thank @kq5y for finding and reporting this issue privately to the go-git project.
Severity ?
5.0 (Medium)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 5.17.0"
},
"package": {
"ecosystem": "Go",
"name": "github.com/go-git/go-git/v5"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.17.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2026-34165"
],
"database_specific": {
"cwe_ids": [
"CWE-191",
"CWE-770"
],
"github_reviewed": true,
"github_reviewed_at": "2026-03-30T17:17:54Z",
"nvd_published_at": "2026-03-31T15:16:17Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nA vulnerability has been identified in which a maliciously crafted `.idx` file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a Denial of Service (DoS) condition.\n\nExploitation requires write access to the local repository\u0027s `.git` directory, it order to create or alter existing `.idx` files. \n\n### Patches\n\nUsers should upgrade to `v5.17.1`, or the latest `v6` [pseudo-version](https://go.dev/ref/mod#pseudo-versions), in order to mitigate this vulnerability.\n\n### Credit\n\nThe go-git maintainers thank @kq5y for finding and reporting this issue privately to the `go-git` project.",
"id": "GHSA-jhf3-xxhw-2wpp",
"modified": "2026-03-31T18:50:40Z",
"published": "2026-03-30T17:17:54Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-jhf3-xxhw-2wpp"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34165"
},
{
"type": "PACKAGE",
"url": "https://github.com/go-git/go-git"
},
{
"type": "WEB",
"url": "https://github.com/go-git/go-git/releases/tag/v5.17.1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-git: Maliciously crafted idx file can cause asymmetric memory consumption"
}
OPENSUSE-SU-2026:10684-1
Vulnerability from csaf_opensuse - Published: 2026-05-04 00:00 - Updated: 2026-05-04 00:00Summary
teleport-17.7.23-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: teleport-17.7.23-1.1 on GA media
Description of the patch: These are all security issues fixed in the teleport-17.7.23-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2026-10684
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "teleport-17.7.23-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the teleport-17.7.23-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10684",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10684-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-15558 page",
"url": "https://www.suse.com/security/cve/CVE-2025-15558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-24051 page",
"url": "https://www.suse.com/security/cve/CVE-2026-24051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34165 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34165/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4427 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4427/"
}
],
"title": "teleport-17.7.23-1.1 on GA media",
"tracking": {
"current_release_date": "2026-05-04T00:00:00Z",
"generator": {
"date": "2026-05-04T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10684-1",
"initial_release_date": "2026-05-04T00:00:00Z",
"revision_history": [
{
"date": "2026-05-04T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "teleport-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-17.7.23-1.1.aarch64",
"product_id": "teleport-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-bash-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-bash-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-bash-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"product_id": "teleport-fdpass-teleport-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tbot-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tbot-17.7.23-1.1.aarch64",
"product_id": "teleport-tbot-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-tbot-bash-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-tbot-zsh-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tctl-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tctl-17.7.23-1.1.aarch64",
"product_id": "teleport-tctl-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-tctl-bash-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-tctl-zsh-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tsh-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tsh-17.7.23-1.1.aarch64",
"product_id": "teleport-tsh-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-tsh-bash-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-tsh-zsh-completion-17.7.23-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "teleport-zsh-completion-17.7.23-1.1.aarch64",
"product": {
"name": "teleport-zsh-completion-17.7.23-1.1.aarch64",
"product_id": "teleport-zsh-completion-17.7.23-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "teleport-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-17.7.23-1.1.ppc64le",
"product_id": "teleport-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-bash-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-bash-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-bash-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"product_id": "teleport-fdpass-teleport-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tbot-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tbot-17.7.23-1.1.ppc64le",
"product_id": "teleport-tbot-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-tbot-bash-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tctl-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tctl-17.7.23-1.1.ppc64le",
"product_id": "teleport-tctl-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-tctl-bash-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tsh-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tsh-17.7.23-1.1.ppc64le",
"product_id": "teleport-tsh-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-tsh-bash-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "teleport-zsh-completion-17.7.23-1.1.ppc64le",
"product": {
"name": "teleport-zsh-completion-17.7.23-1.1.ppc64le",
"product_id": "teleport-zsh-completion-17.7.23-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "teleport-17.7.23-1.1.s390x",
"product": {
"name": "teleport-17.7.23-1.1.s390x",
"product_id": "teleport-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-bash-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-bash-completion-17.7.23-1.1.s390x",
"product_id": "teleport-bash-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-fdpass-teleport-17.7.23-1.1.s390x",
"product": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.s390x",
"product_id": "teleport-fdpass-teleport-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tbot-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tbot-17.7.23-1.1.s390x",
"product_id": "teleport-tbot-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"product_id": "teleport-tbot-bash-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"product_id": "teleport-tbot-zsh-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tctl-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tctl-17.7.23-1.1.s390x",
"product_id": "teleport-tctl-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"product_id": "teleport-tctl-bash-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"product_id": "teleport-tctl-zsh-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tsh-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tsh-17.7.23-1.1.s390x",
"product_id": "teleport-tsh-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"product_id": "teleport-tsh-bash-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"product_id": "teleport-tsh-zsh-completion-17.7.23-1.1.s390x"
}
},
{
"category": "product_version",
"name": "teleport-zsh-completion-17.7.23-1.1.s390x",
"product": {
"name": "teleport-zsh-completion-17.7.23-1.1.s390x",
"product_id": "teleport-zsh-completion-17.7.23-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "teleport-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-17.7.23-1.1.x86_64",
"product_id": "teleport-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-bash-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-bash-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-bash-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"product_id": "teleport-fdpass-teleport-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tbot-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tbot-17.7.23-1.1.x86_64",
"product_id": "teleport-tbot-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-tbot-bash-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-tbot-zsh-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tctl-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tctl-17.7.23-1.1.x86_64",
"product_id": "teleport-tctl-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-tctl-bash-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-tctl-zsh-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tsh-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tsh-17.7.23-1.1.x86_64",
"product_id": "teleport-tsh-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-tsh-bash-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-tsh-zsh-completion-17.7.23-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "teleport-zsh-completion-17.7.23-1.1.x86_64",
"product": {
"name": "teleport-zsh-completion-17.7.23-1.1.x86_64",
"product_id": "teleport-zsh-completion-17.7.23-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x"
},
"product_reference": "teleport-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-bash-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-bash-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-bash-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-bash-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-bash-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-bash-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-bash-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-bash-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x"
},
"product_reference": "teleport-fdpass-teleport-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-fdpass-teleport-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tbot-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tbot-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tbot-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tbot-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-bash-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tbot-zsh-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tctl-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tctl-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tctl-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tctl-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-bash-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tctl-zsh-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tsh-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tsh-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tsh-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tsh-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-bash-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-tsh-zsh-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-zsh-completion-17.7.23-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64"
},
"product_reference": "teleport-zsh-completion-17.7.23-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-zsh-completion-17.7.23-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le"
},
"product_reference": "teleport-zsh-completion-17.7.23-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-zsh-completion-17.7.23-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x"
},
"product_reference": "teleport-zsh-completion-17.7.23-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "teleport-zsh-completion-17.7.23-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
},
"product_reference": "teleport-zsh-completion-17.7.23-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-15558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-15558"
}
],
"notes": [
{
"category": "general",
"text": "Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that are executed when a victim user opens Docker Desktop or invokes Docker CLI plugin features, and allow privilege-escalation if the docker CLI is executed as a privileged user.\n\nThis issue affects Docker CLI: through 29.1.5 and Windows binaries acting as a CLI-plugin manager using the github.com/docker/cli/cli-plugins/manager https://pkg.go.dev/github.com/docker/cli@v29.1.5+incompatible/cli-plugins/manager package, such as Docker Compose.\n\nThis issue does not impact non-Windows binaries, and projects not using the plugin-manager code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-15558",
"url": "https://www.suse.com/security/cve/CVE-2025-15558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-15558"
},
{
"cve": "CVE-2026-24051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-24051"
}
],
"notes": [
{
"category": "general",
"text": "OpenTelemetry-Go is the Go implementation of OpenTelemetry. The OpenTelemetry Go SDK in version v1.20.0-1.39.0 is vulnerable to Path Hijacking (Untrusted Search Paths) on macOS/Darwin systems. The resource detection code in sdk/resource/host_id.go executes the ioreg system command using a search path. An attacker with the ability to locally modify the PATH environment variable can achieve Arbitrary Code Execution (ACE) within the context of the application. A fix was released with v1.40.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-24051",
"url": "https://www.suse.com/security/cve/CVE-2026-24051"
},
{
"category": "external",
"summary": "SUSE Bug 1259133 for CVE-2026-24051",
"url": "https://bugzilla.suse.com/1259133"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-24051"
},
{
"cve": "CVE-2026-34165",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34165"
}
],
"notes": [
{
"category": "general",
"text": "go-git is an extensible git implementation library written in pure Go. From version 5.0.0 to before version 5.17.1, a vulnerability has been identified in which a maliciously crafted .idx file can cause asymmetric memory consumption, potentially exhausting available memory and resulting in a denial-of-service (DoS) condition. Exploitation requires write access to the local repository\u0027s .git directory, it order to create or alter existing .idx files. This issue has been patched in version 5.17.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34165",
"url": "https://www.suse.com/security/cve/CVE-2026-34165"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-04T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2026-34165"
},
{
"cve": "CVE-2026-4427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4427"
}
],
"notes": [
{
"category": "general",
"text": "Duplicate of CVE-2026-32286",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4427",
"url": "https://www.suse.com/security/cve/CVE-2026-4427"
},
{
"category": "external",
"summary": "SUSE Bug 1259910 for CVE-2026-4427",
"url": "https://bugzilla.suse.com/1259910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-fdpass-teleport-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tbot-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tctl-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-bash-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-tsh-zsh-completion-17.7.23-1.1.x86_64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.aarch64",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.ppc64le",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.s390x",
"openSUSE Tumbleweed:teleport-zsh-completion-17.7.23-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-05-04T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2026-4427"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…