Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33814 (GCVE-0-2026-33814)
Vulnerability from cvelistv5 – Published: 2026-05-07 19:41 – Updated: 2026-07-06 12:05
VLAI
EPSS
Title
Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
Summary
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
15 references
| URL | Tags |
|---|---|
| https://go.dev/cl/761581 | |
| https://go.dev/cl/761640 | |
| https://go.dev/issue/78476 | |
| https://groups.google.com/g/golang-announce/c/qcC… | |
| https://pkg.go.dev/vuln/GO-2026-4918 | |
| https://access.redhat.com/security/cve/CVE-2026-33814 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2467815 | issue-trackingx_refsource_REDHAT |
| https://security.access.redhat.com/data/csaf/v2/v… | x_sadp-csaf-vex |
| https://access.redhat.com/errata/RHSA-2026:34342 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23262 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:23264 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33120 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33123 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33142 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2026:33150 | vendor-advisoryx_refsource_REDHAT |
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| golang.org/x/net | golang.org/x/net/http2 |
Affected:
0 , < 0.53.0
(semver)
|
|
| Go standard library | net/http |
Affected:
0 , < 1.25.10
(semver)
Affected: 1.26.0-0 , < 1.26.3 (semver) |
|
| Red Hat | Cluster Observability Operator 1.5.0 |
cpe:/a:redhat:cluster_observability_operator:1.5::el9 |
|
| Red Hat | Red Hat Hardened Images |
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.0 |
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
Credits
Marwan Atia (marwansamir688@gmail.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-33814",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-08T18:00:53.951676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-08T18:01:02.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:cluster_observability_operator:1.5::el9"
],
"defaultStatus": "affected",
"product": "Cluster Observability Operator 1.5.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "unaffected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
}
],
"datePublic": "2026-05-07T19:41:17.631Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-606",
"description": "Unchecked Input for Loop Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-06T12:05:03.996Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-33814"
},
{
"name": "RHBZ#2467815",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2467815"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34342"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23262"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23264"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33120"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33123"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33142"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33150"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:34342: Cluster Observability Operator 1.5.0"
},
{
"lang": "en",
"value": "RHSA-2026:23262: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:23264: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-05-07T20:01:11.324Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-05-07T19:41:17.631Z",
"value": "Made public."
}
],
"title": "net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "golang.org/x/net/http2",
"product": "golang.org/x/net/http2",
"programRoutines": [
{
"name": "clientConnReadLoop.processSettingsNoWrite"
},
{
"name": "Transport.NewClientConn"
},
{
"name": "Transport.RoundTrip"
},
{
"name": "Transport.RoundTripOpt"
},
{
"name": "clientConnPool.GetClientConn"
},
{
"name": "noDialClientConnPool.GetClientConn"
},
{
"name": "noDialH2RoundTripper.NewClientConn"
},
{
"name": "noDialH2RoundTripper.RoundTrip"
},
{
"name": "unencryptedTransport.RoundTrip"
}
],
"vendor": "golang.org/x/net",
"versions": [
{
"lessThan": "0.53.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/http",
"product": "net/http",
"programRoutines": [
{
"name": "http2clientConnReadLoop.processSettingsNoWrite"
},
{
"name": "Client.CloseIdleConnections"
},
{
"name": "Client.Do"
},
{
"name": "Client.Get"
},
{
"name": "Client.Head"
},
{
"name": "Client.Post"
},
{
"name": "Client.PostForm"
},
{
"name": "ClientConn.Close"
},
{
"name": "ClientConn.RoundTrip"
},
{
"name": "Get"
},
{
"name": "Head"
},
{
"name": "Post"
},
{
"name": "PostForm"
},
{
"name": "Transport.CloseIdleConnections"
},
{
"name": "Transport.NewClientConn"
},
{
"name": "Transport.RoundTrip"
},
{
"name": "http1ClientConn.Close"
},
{
"name": "http1ClientConn.RoundTrip"
},
{
"name": "http2Transport.NewClientConn"
},
{
"name": "http2Transport.RoundTrip"
},
{
"name": "http2Transport.RoundTripOpt"
},
{
"name": "http2clientConnPool.GetClientConn"
},
{
"name": "http2noDialClientConnPool.GetClientConn"
},
{
"name": "http2noDialH2RoundTripper.NewClientConn"
},
{
"name": "http2noDialH2RoundTripper.RoundTrip"
},
{
"name": "http2unencryptedTransport.RoundTrip"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.10",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.3",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Marwan Atia (marwansamir688@gmail.com)"
}
],
"descriptions": [
{
"lang": "en",
"value": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-07T19:41:17.631Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/761581"
},
{
"url": "https://go.dev/cl/761640"
},
{
"url": "https://go.dev/issue/78476"
},
{
"url": "https://groups.google.com/g/golang-announce/c/qcCIEXso47M"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4918"
}
],
"title": "Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-33814",
"datePublished": "2026-05-07T19:41:17.631Z",
"dateReserved": "2026-03-23T20:35:32.814Z",
"dateUpdated": "2026-07-06T12:05:03.996Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33814",
"date": "2026-07-07",
"epss": "0.00781",
"percentile": "0.5154"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33814\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-05-07T20:16:42.880\",\"lastModified\":\"2026-07-06T13:16:39.617\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"golang.org/x/net\",\"product\":\"golang.org/x/net/http2\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"golang.org/x/net/http2\",\"programRoutines\":[{\"name\":\"clientConnReadLoop.processSettingsNoWrite\"},{\"name\":\"Transport.NewClientConn\"},{\"name\":\"Transport.RoundTrip\"},{\"name\":\"Transport.RoundTripOpt\"},{\"name\":\"clientConnPool.GetClientConn\"},{\"name\":\"noDialClientConnPool.GetClientConn\"},{\"name\":\"noDialH2RoundTripper.NewClientConn\"},{\"name\":\"noDialH2RoundTripper.RoundTrip\"},{\"name\":\"unencryptedTransport.RoundTrip\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"0.53.0\",\"versionType\":\"semver\",\"status\":\"affected\"}]},{\"vendor\":\"Go standard library\",\"product\":\"net/http\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"net/http\",\"programRoutines\":[{\"name\":\"http2clientConnReadLoop.processSettingsNoWrite\"},{\"name\":\"Client.CloseIdleConnections\"},{\"name\":\"Client.Do\"},{\"name\":\"Client.Get\"},{\"name\":\"Client.Head\"},{\"name\":\"Client.Post\"},{\"name\":\"Client.PostForm\"},{\"name\":\"ClientConn.Close\"},{\"name\":\"ClientConn.RoundTrip\"},{\"name\":\"Get\"},{\"name\":\"Head\"},{\"name\":\"Post\"},{\"name\":\"PostForm\"},{\"name\":\"Transport.CloseIdleConnections\"},{\"name\":\"Transport.NewClientConn\"},{\"name\":\"Transport.RoundTrip\"},{\"name\":\"http1ClientConn.Close\"},{\"name\":\"http1ClientConn.RoundTrip\"},{\"name\":\"http2Transport.NewClientConn\"},{\"name\":\"http2Transport.RoundTrip\"},{\"name\":\"http2Transport.RoundTripOpt\"},{\"name\":\"http2clientConnPool.GetClientConn\"},{\"name\":\"http2noDialClientConnPool.GetClientConn\"},{\"name\":\"http2noDialH2RoundTripper.NewClientConn\"},{\"name\":\"http2noDialH2RoundTripper.RoundTrip\"},{\"name\":\"http2unencryptedTransport.RoundTrip\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.10\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.3\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Cluster Observability Operator 1.5.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cluster_observability_operator:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-05-08T18:00:53.951676Z\",\"id\":\"CVE-2026-33814\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-606\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.10\",\"matchCriteriaId\":\"1C966EF3-C51C-4239-B5FC-C44A5202FEC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.26.0\",\"versionEndExcluding\":\"1.26.3\",\"matchCriteriaId\":\"522E4CD0-2B99-4363-9C78-0BAFD988A2D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:http2:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"0.53.0\",\"matchCriteriaId\":\"365ED1C8-AAF7-4BA7-949C-6F69AF4CD27E\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/761581\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/cl/761640\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/78476\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/qcCIEXso47M\",\"source\":\"security@golang.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4918\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23262\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23264\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33120\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33123\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33142\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33150\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34342\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-33814\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2467815\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"net/http/internal/http2: golang: golang.org/x/net: Go HTTP/2: Denial of Service via malformed SETTINGS_MAX_FRAME_SIZE frame\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:cluster_observability_operator:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cluster Observability Operator 1.5.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 2\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-05-07T20:01:11.324Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-05-07T19:41:17.631Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:34342: Cluster Observability Operator 1.5.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23262: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23264: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33120: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33123: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33142: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33150: Red Hat OpenShift Service Mesh 3.3\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-05-07T19:41:17.631Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-33814\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2467815\", \"name\": \"RHBZ#2467815\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33814.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34342\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23262\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23264\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33120\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33123\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33142\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33150\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the HTTP/2 protocol implementation within the Go standard library (golang.org/x/net and net/http/internal/http2). A remote attacker can exploit this vulnerability by sending a specially crafted HTTP/2 SETTINGS frame with the SETTINGS_MAX_FRAME_SIZE parameter set to zero. This malicious frame causes the transport layer to enter an infinite loop of writing CONTINUATION frames, leading to resource exhaustion and a Denial of Service (DoS) condition.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-606\", \"description\": \"Unchecked Input for Loop Condition\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-06T12:05:03.996Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33814\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-08T18:00:53.951676Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-08T18:00:42.436Z\"}}], \"cna\": {\"title\": \"Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net\", \"credits\": [{\"lang\": \"en\", \"value\": \"Marwan Atia (marwansamir688@gmail.com)\"}], \"affected\": [{\"vendor\": \"golang.org/x/net\", \"product\": \"golang.org/x/net/http2\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.53.0\", \"versionType\": \"semver\"}], \"packageName\": \"golang.org/x/net/http2\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"clientConnReadLoop.processSettingsNoWrite\"}, {\"name\": \"Transport.NewClientConn\"}, {\"name\": \"Transport.RoundTrip\"}, {\"name\": \"Transport.RoundTripOpt\"}, {\"name\": \"clientConnPool.GetClientConn\"}, {\"name\": \"noDialClientConnPool.GetClientConn\"}, {\"name\": \"noDialH2RoundTripper.NewClientConn\"}, {\"name\": \"noDialH2RoundTripper.RoundTrip\"}, {\"name\": \"unencryptedTransport.RoundTrip\"}]}, {\"vendor\": \"Go standard library\", \"product\": \"net/http\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.10\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.3\", \"versionType\": \"semver\"}], \"packageName\": \"net/http\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"http2clientConnReadLoop.processSettingsNoWrite\"}, {\"name\": \"Client.CloseIdleConnections\"}, {\"name\": \"Client.Do\"}, {\"name\": \"Client.Get\"}, {\"name\": \"Client.Head\"}, {\"name\": \"Client.Post\"}, {\"name\": \"Client.PostForm\"}, {\"name\": \"ClientConn.Close\"}, {\"name\": \"ClientConn.RoundTrip\"}, {\"name\": \"Get\"}, {\"name\": \"Head\"}, {\"name\": \"Post\"}, {\"name\": \"PostForm\"}, {\"name\": \"Transport.CloseIdleConnections\"}, {\"name\": \"Transport.NewClientConn\"}, {\"name\": \"Transport.RoundTrip\"}, {\"name\": \"http1ClientConn.Close\"}, {\"name\": \"http1ClientConn.RoundTrip\"}, {\"name\": \"http2Transport.NewClientConn\"}, {\"name\": \"http2Transport.RoundTrip\"}, {\"name\": \"http2Transport.RoundTripOpt\"}, {\"name\": \"http2clientConnPool.GetClientConn\"}, {\"name\": \"http2noDialClientConnPool.GetClientConn\"}, {\"name\": \"http2noDialH2RoundTripper.NewClientConn\"}, {\"name\": \"http2noDialH2RoundTripper.RoundTrip\"}, {\"name\": \"http2unencryptedTransport.RoundTrip\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/761581\"}, {\"url\": \"https://go.dev/cl/761640\"}, {\"url\": \"https://go.dev/issue/78476\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/qcCIEXso47M\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4918\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-05-07T19:41:17.631Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33814\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-06T12:05:03.996Z\", \"dateReserved\": \"2026-03-23T20:35:32.814Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-05-07T19:41:17.631Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:22367-1
Vulnerability from csaf_suse - Published: 2026-06-25 12:44 - Updated: 2026-06-25 12:44Summary
Security update for docker
Severity
Important
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265782).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266625).
- CVE-2026-39984: github.com/sigstore/timestamp-authority/v2/pkg/verification: improper certificate validation can be
used to bypass some authorization controls (bsc#1262346).
- CVE-2026-41567: arbitrary code execution with full daemon privileges when a user uploads a compressed archive into
that container (bsc#1267827).
Patchnames: SUSE-SLES-16.0-1081
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.2 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265782).\n- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation\n bypass and privilege escalation (bsc#1266625).\n- CVE-2026-39984: github.com/sigstore/timestamp-authority/v2/pkg/verification: improper certificate validation can be\n used to bypass some authorization controls (bsc#1262346).\n- CVE-2026-41567: arbitrary code execution with full daemon privileges when a user uploads a compressed archive into\n that container (bsc#1267827).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-1081",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22367-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22367-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622367-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22367-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047772.html"
},
{
"category": "self",
"summary": "SUSE Bug 1262346",
"url": "https://bugzilla.suse.com/1262346"
},
{
"category": "self",
"summary": "SUSE Bug 1265782",
"url": "https://bugzilla.suse.com/1265782"
},
{
"category": "self",
"summary": "SUSE Bug 1266625",
"url": "https://bugzilla.suse.com/1266625"
},
{
"category": "self",
"summary": "SUSE Bug 1267827",
"url": "https://bugzilla.suse.com/1267827"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41567 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41567/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2026-06-25T12:44:31Z",
"generator": {
"date": "2026-06-25T12:44:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22367-1",
"initial_release_date": "2026-06-25T12:44:31Z",
"revision_history": [
{
"date": "2026-06-25T12:44:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-160000.7.1.aarch64",
"product": {
"name": "docker-29.4.0_ce-160000.7.1.aarch64",
"product_id": "docker-29.4.0_ce-160000.7.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-160000.7.1.aarch64",
"product": {
"name": "docker-buildx-0.33.0-160000.7.1.aarch64",
"product_id": "docker-buildx-0.33.0-160000.7.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"product": {
"name": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"product_id": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"product": {
"name": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"product_id": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"product": {
"name": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"product_id": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"product": {
"name": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"product_id": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-160000.7.1.ppc64le",
"product": {
"name": "docker-29.4.0_ce-160000.7.1.ppc64le",
"product_id": "docker-29.4.0_ce-160000.7.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-160000.7.1.ppc64le",
"product": {
"name": "docker-buildx-0.33.0-160000.7.1.ppc64le",
"product_id": "docker-buildx-0.33.0-160000.7.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-160000.7.1.s390x",
"product": {
"name": "docker-29.4.0_ce-160000.7.1.s390x",
"product_id": "docker-29.4.0_ce-160000.7.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-160000.7.1.s390x",
"product": {
"name": "docker-buildx-0.33.0-160000.7.1.s390x",
"product_id": "docker-buildx-0.33.0-160000.7.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-160000.7.1.x86_64",
"product": {
"name": "docker-29.4.0_ce-160000.7.1.x86_64",
"product_id": "docker-29.4.0_ce-160000.7.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-160000.7.1.x86_64",
"product": {
"name": "docker-buildx-0.33.0-160000.7.1.x86_64",
"product_id": "docker-buildx-0.33.0-160000.7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-160000.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64"
},
"product_reference": "docker-29.4.0_ce-160000.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-160000.7.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64"
},
"product_reference": "docker-buildx-0.33.0-160000.7.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
},
"product_reference": "docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "external",
"summary": "SUSE Bug 1268758 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1268758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T12:44:31Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T12:44:31Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
},
{
"cve": "CVE-2026-39984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39984"
}
],
"notes": [
{
"category": "general",
"text": "Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint checks in VerifyLeafCert uses the first non-CA certificate from the PKCS#7 certificate bag instead of the leaf certificate from the verified chain. An attacker can exploit this by prepending a forged certificate to the certificate bag while the message is signed with an authorized key, causing the library to validate the signature against one certificate but perform authorization checks against another. This vulnerability only affects users of the timestamp-authority/v2/pkg/verification package and does not affect the timestamp-authority service itself or sigstore-go. The issue has been fixed in version 2.0.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39984",
"url": "https://www.suse.com/security/cve/CVE-2026-39984"
},
{
"category": "external",
"summary": "SUSE Bug 1262338 for CVE-2026-39984",
"url": "https://bugzilla.suse.com/1262338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T12:44:31Z",
"details": "moderate"
}
],
"title": "CVE-2026-39984"
},
{
"cve": "CVE-2026-41567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41567"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container\u0027s filesystem rather than the host\u0027s due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41567",
"url": "https://www.suse.com/security/cve/CVE-2026-41567"
},
{
"category": "external",
"summary": "SUSE Bug 1267827 for CVE-2026-41567",
"url": "https://bugzilla.suse.com/1267827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-29.4.0_ce-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.33.0-160000.7.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-29.4.0_ce-160000.7.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-29.4.0_ce-160000.7.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T12:44:31Z",
"details": "important"
}
],
"title": "CVE-2026-41567"
}
]
}
SUSE-SU-2026:22424-1
Vulnerability from csaf_suse - Published: 2026-06-25 08:47 - Updated: 2026-06-25 08:47Summary
Security update for containerd
Severity
Important
Notes
Title of the patch: Security update for containerd
Description of the patch: This update for containerd fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265794).
- CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of
service (bsc#1262948).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266640).
Patchnames: SUSE-SLE-Micro-6.0-769
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265794).\n- CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of\n service (bsc#1262948).\n- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation\n bypass and privilege escalation (bsc#1266640).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-769",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22424-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22424-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622424-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22424-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047871.html"
},
{
"category": "self",
"summary": "SUSE Bug 1262948",
"url": "https://bugzilla.suse.com/1262948"
},
{
"category": "self",
"summary": "SUSE Bug 1265794",
"url": "https://bugzilla.suse.com/1265794"
},
{
"category": "self",
"summary": "SUSE Bug 1266640",
"url": "https://bugzilla.suse.com/1266640"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
}
],
"title": "Security update for containerd",
"tracking": {
"current_release_date": "2026-06-25T08:47:18Z",
"generator": {
"date": "2026-06-25T08:47:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22424-1",
"initial_release_date": "2026-06-25T08:47:18Z",
"revision_history": [
{
"date": "2026-06-25T08:47:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-3.1.aarch64",
"product": {
"name": "containerd-1.7.29-3.1.aarch64",
"product_id": "containerd-1.7.29-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-3.1.s390x",
"product": {
"name": "containerd-1.7.29-3.1.s390x",
"product_id": "containerd-1.7.29-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-3.1.x86_64",
"product": {
"name": "containerd-1.7.29-3.1.x86_64",
"product_id": "containerd-1.7.29-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64"
},
"product_reference": "containerd-1.7.29-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x"
},
"product_reference": "containerd-1.7.29-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
},
"product_reference": "containerd-1.7.29-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "external",
"summary": "SUSE Bug 1268758 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1268758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T08:47:18Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T08:47:18Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.aarch64",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.s390x",
"SUSE Linux Micro 6.0:containerd-1.7.29-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T08:47:18Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
}
]
}
SUSE-SU-2026:22443-1
Vulnerability from csaf_suse - Published: 2026-06-25 08:44 - Updated: 2026-06-25 08:44Summary
Security update for containerd
Severity
Important
Notes
Title of the patch: Security update for containerd
Description of the patch: This update for containerd fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265794).
- CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of
service (bsc#1262948).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266640).
Patchnames: SUSE-SLE-Micro-6.1-591
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for containerd",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for containerd fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265794).\n- CVE-2026-34986: github.com/go-jose/go-jose/v3: crafted JWE input with a missing encrypted key can lead to a denial of\n service (bsc#1262948).\n- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation\n bypass and privilege escalation (bsc#1266640).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-591",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22443-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22443-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622443-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22443-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027263.html"
},
{
"category": "self",
"summary": "SUSE Bug 1262948",
"url": "https://bugzilla.suse.com/1262948"
},
{
"category": "self",
"summary": "SUSE Bug 1265794",
"url": "https://bugzilla.suse.com/1265794"
},
{
"category": "self",
"summary": "SUSE Bug 1266640",
"url": "https://bugzilla.suse.com/1266640"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-34986 page",
"url": "https://www.suse.com/security/cve/CVE-2026-34986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
}
],
"title": "Security update for containerd",
"tracking": {
"current_release_date": "2026-06-25T08:44:18Z",
"generator": {
"date": "2026-06-25T08:44:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22443-1",
"initial_release_date": "2026-06-25T08:44:18Z",
"revision_history": [
{
"date": "2026-06-25T08:44:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_3.1.aarch64",
"product": {
"name": "containerd-1.7.29-slfo.1.1_3.1.aarch64",
"product_id": "containerd-1.7.29-slfo.1.1_3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"product": {
"name": "containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"product_id": "containerd-1.7.29-slfo.1.1_3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_3.1.s390x",
"product": {
"name": "containerd-1.7.29-slfo.1.1_3.1.s390x",
"product_id": "containerd-1.7.29-slfo.1.1_3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-slfo.1.1_3.1.x86_64",
"product": {
"name": "containerd-1.7.29-slfo.1.1_3.1.x86_64",
"product_id": "containerd-1.7.29-slfo.1.1_3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_3.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64"
},
"product_reference": "containerd-1.7.29-slfo.1.1_3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_3.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le"
},
"product_reference": "containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_3.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x"
},
"product_reference": "containerd-1.7.29-slfo.1.1_3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-slfo.1.1_3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
},
"product_reference": "containerd-1.7.29-slfo.1.1_3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "external",
"summary": "SUSE Bug 1268758 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1268758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T08:44:18Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-34986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-34986"
}
],
"notes": [
{
"category": "general",
"text": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-34986",
"url": "https://www.suse.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "SUSE Bug 1262805 for CVE-2026-34986",
"url": "https://bugzilla.suse.com/1262805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T08:44:18Z",
"details": "important"
}
],
"title": "CVE-2026-34986"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:containerd-1.7.29-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-25T08:44:18Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
}
]
}
SUSE-SU-2026:22456-1
Vulnerability from csaf_suse - Published: 2026-06-30 11:41 - Updated: 2026-06-30 11:41Summary
Security update for docker
Severity
Important
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265782).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266625).
- CVE-2026-39984: github.com/sigstore/timestamp-authority/v2/pkg/verification: improper certificate validation can be
used to bypass some authorization controls (bsc#1262346).
- CVE-2026-41567: arbitrary code execution with full daemon privileges when a user uploads a compressed archive into
that container (bsc#1267827).
Patchnames: SUSE-SLE-Micro-6.1-605
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.4 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.2 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265782).\n- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation\n bypass and privilege escalation (bsc#1266625).\n- CVE-2026-39984: github.com/sigstore/timestamp-authority/v2/pkg/verification: improper certificate validation can be\n used to bypass some authorization controls (bsc#1262346).\n- CVE-2026-41567: arbitrary code execution with full daemon privileges when a user uploads a compressed archive into\n that container (bsc#1267827).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-605",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22456-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22456-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622456-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22456-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-July/027252.html"
},
{
"category": "self",
"summary": "SUSE Bug 1262346",
"url": "https://bugzilla.suse.com/1262346"
},
{
"category": "self",
"summary": "SUSE Bug 1265782",
"url": "https://bugzilla.suse.com/1265782"
},
{
"category": "self",
"summary": "SUSE Bug 1266625",
"url": "https://bugzilla.suse.com/1266625"
},
{
"category": "self",
"summary": "SUSE Bug 1267827",
"url": "https://bugzilla.suse.com/1267827"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39821 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-39984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-39984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-41567 page",
"url": "https://www.suse.com/security/cve/CVE-2026-41567/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2026-06-30T11:41:11Z",
"generator": {
"date": "2026-06-30T11:41:11Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22456-1",
"initial_release_date": "2026-06-30T11:41:11Z",
"revision_history": [
{
"date": "2026-06-30T11:41:11Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"product": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"product_id": "docker-29.4.0_ce-slfo.1.1_10.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"product": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"product_id": "docker-buildx-0.33.0-slfo.1.1_10.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"product": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"product_id": "docker-29.4.0_ce-slfo.1.1_10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"product": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"product_id": "docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"product": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"product_id": "docker-29.4.0_ce-slfo.1.1_10.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"product": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"product_id": "docker-buildx-0.33.0-slfo.1.1_10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"product": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"product_id": "docker-29.4.0_ce-slfo.1.1_10.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.x86_64",
"product": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.x86_64",
"product_id": "docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64"
},
"product_reference": "docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le"
},
"product_reference": "docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x"
},
"product_reference": "docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-29.4.0_ce-slfo.1.1_10.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64"
},
"product_reference": "docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64"
},
"product_reference": "docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le"
},
"product_reference": "docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x"
},
"product_reference": "docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.33.0-slfo.1.1_10.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
},
"product_reference": "docker-buildx-0.33.0-slfo.1.1_10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
},
{
"category": "external",
"summary": "SUSE Bug 1268758 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1268758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:41:11Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-39821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39821"
}
],
"notes": [
{
"category": "general",
"text": "The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode(\"xn--example-.com\") incorrectly returns the name \"example.com\" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject \"example.com\" but permit \"xn--example-.com\". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name \"example.com\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39821",
"url": "https://www.suse.com/security/cve/CVE-2026-39821"
},
{
"category": "external",
"summary": "SUSE Bug 1266474 for CVE-2026-39821",
"url": "https://bugzilla.suse.com/1266474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:41:11Z",
"details": "important"
}
],
"title": "CVE-2026-39821"
},
{
"cve": "CVE-2026-39984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-39984"
}
],
"notes": [
{
"category": "general",
"text": "Sigstore Timestamp Authority is a service for issuing RFC 3161 timestamps. Versions 2.0.5 and below contain an authorization bypass vulnerability in the VerifyTimestampResponse function. VerifyTimestampResponse correctly verifies the certificate chain signature, but the TSA-specific constraint checks in VerifyLeafCert uses the first non-CA certificate from the PKCS#7 certificate bag instead of the leaf certificate from the verified chain. An attacker can exploit this by prepending a forged certificate to the certificate bag while the message is signed with an authorized key, causing the library to validate the signature against one certificate but perform authorization checks against another. This vulnerability only affects users of the timestamp-authority/v2/pkg/verification package and does not affect the timestamp-authority service itself or sigstore-go. The issue has been fixed in version 2.0.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-39984",
"url": "https://www.suse.com/security/cve/CVE-2026-39984"
},
{
"category": "external",
"summary": "SUSE Bug 1262338 for CVE-2026-39984",
"url": "https://bugzilla.suse.com/1262338"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:41:11Z",
"details": "moderate"
}
],
"title": "CVE-2026-39984"
},
{
"cve": "CVE-2026-41567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-41567"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries (such as `xz` or `unpigz`) from the container\u0027s filesystem rather than the host\u0027s due to incorrect ordering of operations. A malicious container image containing a trojanized decompression binary can achieve arbitrary code execution with full daemon privileges, including host root UID and unrestricted capabilities, when a user uploads a compressed (xz or gzip) archive into that container. This issue is fixed in Docker Engine 29.5.1 and moby/moby v2.0.0-beta.14. Workarounds include only running containers from trusted images, using authorization plugins to restrict access to the `PUT /containers/{id}/archive` endpoint, and avoiding piping compressed archives into containers created from untrusted images",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-41567",
"url": "https://www.suse.com/security/cve/CVE-2026-41567"
},
{
"category": "external",
"summary": "SUSE Bug 1267827 for CVE-2026-41567",
"url": "https://bugzilla.suse.com/1267827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-29.4.0_ce-slfo.1.1_10.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.33.0-slfo.1.1_10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T11:41:11Z",
"details": "important"
}
],
"title": "CVE-2026-41567"
}
]
}
SUSE-SU-2026:2280-1
Vulnerability from csaf_suse - Published: 2026-06-05 12:11 - Updated: 2026-06-05 12:11Summary
Security update for ignition
Severity
Important
Notes
Title of the patch: Security update for ignition
Description of the patch: This update for ignition fixes the following issue
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265751).
Patchnames: SUSE-2026-2280,SUSE-SLE-Module-HPC-15-SP7-2026-2280,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2280
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for ignition",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for ignition fixes the following issue\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265751).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2280,SUSE-SLE-Module-HPC-15-SP7-2026-2280,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2280",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2280-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2280-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262280-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2280-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047125.html"
},
{
"category": "self",
"summary": "SUSE Bug 1265751",
"url": "https://bugzilla.suse.com/1265751"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
}
],
"title": "Security update for ignition",
"tracking": {
"current_release_date": "2026-06-05T12:11:41Z",
"generator": {
"date": "2026-06-05T12:11:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2280-1",
"initial_release_date": "2026-06-05T12:11:41Z",
"revision_history": [
{
"date": "2026-06-05T12:11:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ignition-2.14.0-150400.9.18.1.aarch64",
"product": {
"name": "ignition-2.14.0-150400.9.18.1.aarch64",
"product_id": "ignition-2.14.0-150400.9.18.1.aarch64"
}
},
{
"category": "product_version",
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"product": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"product_id": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ignition-2.14.0-150400.9.18.1.i586",
"product": {
"name": "ignition-2.14.0-150400.9.18.1.i586",
"product_id": "ignition-2.14.0-150400.9.18.1.i586"
}
},
{
"category": "product_version",
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.i586",
"product": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.i586",
"product_id": "ignition-dracut-grub2-2.14.0-150400.9.18.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "ignition-2.14.0-150400.9.18.1.ppc64le",
"product": {
"name": "ignition-2.14.0-150400.9.18.1.ppc64le",
"product_id": "ignition-2.14.0-150400.9.18.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.ppc64le",
"product": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.ppc64le",
"product_id": "ignition-dracut-grub2-2.14.0-150400.9.18.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ignition-2.14.0-150400.9.18.1.s390x",
"product": {
"name": "ignition-2.14.0-150400.9.18.1.s390x",
"product_id": "ignition-2.14.0-150400.9.18.1.s390x"
}
},
{
"category": "product_version",
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.s390x",
"product": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.s390x",
"product_id": "ignition-dracut-grub2-2.14.0-150400.9.18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ignition-2.14.0-150400.9.18.1.x86_64",
"product": {
"name": "ignition-2.14.0-150400.9.18.1.x86_64",
"product_id": "ignition-2.14.0-150400.9.18.1.x86_64"
}
},
{
"category": "product_version",
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"product": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"product_id": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for HPC 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-hpc:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-2.14.0-150400.9.18.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.aarch64"
},
"product_reference": "ignition-2.14.0-150400.9.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-2.14.0-150400.9.18.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.x86_64"
},
"product_reference": "ignition-2.14.0-150400.9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64 as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64"
},
"product_reference": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64 as component of SUSE Linux Enterprise Module for HPC 15 SP7",
"product_id": "SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64"
},
"product_reference": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for HPC 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-2.14.0-150400.9.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.aarch64"
},
"product_reference": "ignition-2.14.0-150400.9.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-2.14.0-150400.9.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.x86_64"
},
"product_reference": "ignition-2.14.0-150400.9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64"
},
"product_reference": "ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64"
},
"product_reference": "ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Module for HPC 15 SP7:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-2.14.0-150400.9.18.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:ignition-dracut-grub2-2.14.0-150400.9.18.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-05T12:11:41Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
}
]
}
SUSE-SU-2026:2315-1
Vulnerability from csaf_suse - Published: 2026-06-09 12:51 - Updated: 2026-06-09 12:51Summary
Security update for kubernetes1.23
Severity
Important
Notes
Title of the patch: Security update for kubernetes1.23
Description of the patch: This update for kubernetes1.23 fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265740).
- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service
(bsc#1262271).
Patchnames: SUSE-2026-2315,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2315,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2315,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2315,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2315
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.23",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.23 fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265740).\n- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service\n (bsc#1262271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2315,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2315,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2315,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2315,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2315",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2315-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2315-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262315-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2315-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047222.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251168",
"url": "https://bugzilla.suse.com/1251168"
},
{
"category": "self",
"summary": "SUSE Bug 1262271",
"url": "https://bugzilla.suse.com/1262271"
},
{
"category": "self",
"summary": "SUSE Bug 1265740",
"url": "https://bugzilla.suse.com/1265740"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-35469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-35469/"
}
],
"title": "Security update for kubernetes1.23",
"tracking": {
"current_release_date": "2026-06-09T12:51:53Z",
"generator": {
"date": "2026-06-09T12:51:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2315-1",
"initial_release_date": "2026-06-09T12:51:53Z",
"revision_history": [
{
"date": "2026-06-09T12:51:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.aarch64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.aarch64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.17.1.noarch",
"product": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.17.1.noarch",
"product_id": "kubernetes1.23-client-bash-completion-1.23.17-150300.7.17.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.17.1.noarch",
"product": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.17.1.noarch",
"product_id": "kubernetes1.23-client-fish-completion-1.23.17-150300.7.17.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.ppc64le",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.ppc64le",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.s390x",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.s390x",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-proxy-1.23.17-150300.7.17.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.x86_64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.x86_64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150300.7.17.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T12:51:53Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-35469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-35469"
}
],
"notes": [
{
"category": "general",
"text": "spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes - all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-35469",
"url": "https://www.suse.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "SUSE Bug 1262264 for CVE-2026-35469",
"url": "https://bugzilla.suse.com/1262264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-1.23.17-150300.7.17.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.23-client-common-1.23.17-150300.7.17.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T12:51:53Z",
"details": "moderate"
}
],
"title": "CVE-2026-35469"
}
]
}
SUSE-SU-2026:2322-1
Vulnerability from csaf_suse - Published: 2026-06-09 14:32 - Updated: 2026-06-09 14:32Summary
Security update for kubernetes1.24
Severity
Important
Notes
Title of the patch: Security update for kubernetes1.24
Description of the patch: This update for kubernetes1.24 fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265740).
- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service
(bsc#1262271).
Patchnames: SUSE-2026-2322,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2322,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2322,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2322,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2322
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.24",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.24 fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265740).\n- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service\n (bsc#1262271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2322,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2322,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2322,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2322,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2322",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2322-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2322-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262322-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2322-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047216.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251168",
"url": "https://bugzilla.suse.com/1251168"
},
{
"category": "self",
"summary": "SUSE Bug 1262271",
"url": "https://bugzilla.suse.com/1262271"
},
{
"category": "self",
"summary": "SUSE Bug 1265740",
"url": "https://bugzilla.suse.com/1265740"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-35469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-35469/"
}
],
"title": "Security update for kubernetes1.24",
"tracking": {
"current_release_date": "2026-06-09T14:32:16Z",
"generator": {
"date": "2026-06-09T14:32:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2322-1",
"initial_release_date": "2026-06-09T14:32:16Z",
"revision_history": [
{
"date": "2026-06-09T14:32:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.aarch64",
"product_id": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-client-bash-completion-1.24.17-150400.9.27.1.noarch",
"product": {
"name": "kubernetes1.24-client-bash-completion-1.24.17-150400.9.27.1.noarch",
"product_id": "kubernetes1.24-client-bash-completion-1.24.17-150400.9.27.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-fish-completion-1.24.17-150400.9.27.1.noarch",
"product": {
"name": "kubernetes1.24-client-fish-completion-1.24.17-150400.9.27.1.noarch",
"product_id": "kubernetes1.24-client-fish-completion-1.24.17-150400.9.27.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.s390x",
"product_id": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-apiserver-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-controller-manager-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-kubeadm-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-kubelet-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-kubelet-common-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-proxy-1.24.17-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.x86_64",
"product_id": "kubernetes1.24-scheduler-1.24.17-150400.9.27.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T14:32:16Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-35469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-35469"
}
],
"notes": [
{
"category": "general",
"text": "spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes - all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-35469",
"url": "https://www.suse.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "SUSE Bug 1262264 for CVE-2026-35469",
"url": "https://bugzilla.suse.com/1262264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-1.24.17-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.24-client-common-1.24.17-150400.9.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T14:32:16Z",
"details": "moderate"
}
],
"title": "CVE-2026-35469"
}
]
}
SUSE-SU-2026:2325-1
Vulnerability from csaf_suse - Published: 2026-06-09 14:34 - Updated: 2026-06-09 14:34Summary
Security update for kubernetes1.26
Severity
Important
Notes
Title of the patch: Security update for kubernetes1.26
Description of the patch: This update for kubernetes1.26 fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265740).
- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service
(bsc#1262271).
Patchnames: SUSE-2026-2325,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2325,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2325,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2325,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2325,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2325,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2325,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2325,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2325
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.26 fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265740).\n- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service\n (bsc#1262271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2325,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2325,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2325,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2325,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2325,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2325,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2325,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2325,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2325",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2325-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2325-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262325-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2325-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047213.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251168",
"url": "https://bugzilla.suse.com/1251168"
},
{
"category": "self",
"summary": "SUSE Bug 1262271",
"url": "https://bugzilla.suse.com/1262271"
},
{
"category": "self",
"summary": "SUSE Bug 1265740",
"url": "https://bugzilla.suse.com/1265740"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-35469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-35469/"
}
],
"title": "Security update for kubernetes1.26",
"tracking": {
"current_release_date": "2026-06-09T14:34:20Z",
"generator": {
"date": "2026-06-09T14:34:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2325-1",
"initial_release_date": "2026-06-09T14:34:20Z",
"revision_history": [
{
"date": "2026-06-09T14:34:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.aarch64",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.aarch64",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.27.1.noarch",
"product": {
"name": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.27.1.noarch",
"product_id": "kubernetes1.26-client-bash-completion-1.26.15-150400.9.27.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.27.1.noarch",
"product": {
"name": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.27.1.noarch",
"product_id": "kubernetes1.26-client-fish-completion-1.26.15-150400.9.27.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.ppc64le",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.ppc64le",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.s390x",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.s390x",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-apiserver-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-controller-manager-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-kubeadm-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-kubelet-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-kubelet-common-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-proxy-1.26.15-150400.9.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.x86_64",
"product": {
"name": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.x86_64",
"product_id": "kubernetes1.26-scheduler-1.26.15-150400.9.27.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
},
"product_reference": "kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T14:34:20Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-35469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-35469"
}
],
"notes": [
{
"category": "general",
"text": "spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes - all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-35469",
"url": "https://www.suse.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "SUSE Bug 1262264 for CVE-2026-35469",
"url": "https://bugzilla.suse.com/1262264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-1.26.15-150400.9.27.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.26-client-common-1.26.15-150400.9.27.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-09T14:34:20Z",
"details": "moderate"
}
],
"title": "CVE-2026-35469"
}
]
}
SUSE-SU-2026:2339-1
Vulnerability from csaf_suse - Published: 2026-06-10 13:14 - Updated: 2026-06-10 13:14Summary
Security update for kubernetes1.27
Severity
Important
Notes
Title of the patch: Security update for kubernetes1.27
Description of the patch: This update for kubernetes1.27 fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265740).
- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service
(bsc#1262271).
Patchnames: SUSE-2026-2339,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2339,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2339,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2339,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2339,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2339,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2339,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2339,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2339
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.27",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.27 fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265740).\n- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service\n (bsc#1262271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2339,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2339,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2339,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2339,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2339,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2339,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2339,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2339,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2339",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2339-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2339-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262339-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2339-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026699.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251168",
"url": "https://bugzilla.suse.com/1251168"
},
{
"category": "self",
"summary": "SUSE Bug 1262271",
"url": "https://bugzilla.suse.com/1262271"
},
{
"category": "self",
"summary": "SUSE Bug 1265740",
"url": "https://bugzilla.suse.com/1265740"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-35469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-35469/"
}
],
"title": "Security update for kubernetes1.27",
"tracking": {
"current_release_date": "2026-06-10T13:14:17Z",
"generator": {
"date": "2026-06-10T13:14:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2339-1",
"initial_release_date": "2026-06-10T13:14:17Z",
"revision_history": [
{
"date": "2026-06-10T13:14:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.aarch64",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.aarch64",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.21.1.noarch",
"product": {
"name": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.21.1.noarch",
"product_id": "kubernetes1.27-client-bash-completion-1.27.16-150400.9.21.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.21.1.noarch",
"product": {
"name": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.21.1.noarch",
"product_id": "kubernetes1.27-client-fish-completion-1.27.16-150400.9.21.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.ppc64le",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.ppc64le",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.s390x",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.s390x",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-apiserver-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-controller-manager-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-kubeadm-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-kubelet-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-kubelet-common-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-proxy-1.27.16-150400.9.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.x86_64",
"product": {
"name": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.x86_64",
"product_id": "kubernetes1.27-scheduler-1.27.16-150400.9.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
},
"product_reference": "kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-10T13:14:17Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-35469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-35469"
}
],
"notes": [
{
"category": "general",
"text": "spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes - all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-35469",
"url": "https://www.suse.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "SUSE Bug 1262264 for CVE-2026-35469",
"url": "https://bugzilla.suse.com/1262264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-1.27.16-150400.9.21.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.27-client-common-1.27.16-150400.9.21.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-10T13:14:17Z",
"details": "moderate"
}
],
"title": "CVE-2026-35469"
}
]
}
SUSE-SU-2026:2340-1
Vulnerability from csaf_suse - Published: 2026-06-10 13:14 - Updated: 2026-06-10 13:14Summary
Security update for kubernetes1.23
Severity
Important
Notes
Title of the patch: Security update for kubernetes1.23
Description of the patch: This update for kubernetes1.23 fixes the following issues
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265740).
- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service
(bsc#1262271).
Patchnames: SUSE-2026-2340,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2340,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2340,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2340,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2340
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.5 (High)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.5 (Medium)
Affected products
Recommended
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
13 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for kubernetes1.23",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for kubernetes1.23 fixes the following issues\n\n- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE\n (bsc#1265740).\n- CVE-2026-35469: github.com/moby/spdystream: memory amplification in SPDY frame parsing leads to denial of service\n (bsc#1262271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-2340,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2340,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2340,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2340,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2340",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_2340-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:2340-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262340-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:2340-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026698.html"
},
{
"category": "self",
"summary": "SUSE Bug 1251168",
"url": "https://bugzilla.suse.com/1251168"
},
{
"category": "self",
"summary": "SUSE Bug 1262271",
"url": "https://bugzilla.suse.com/1262271"
},
{
"category": "self",
"summary": "SUSE Bug 1265740",
"url": "https://bugzilla.suse.com/1265740"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-33814 page",
"url": "https://www.suse.com/security/cve/CVE-2026-33814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-35469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-35469/"
}
],
"title": "Security update for kubernetes1.23",
"tracking": {
"current_release_date": "2026-06-10T13:14:46Z",
"generator": {
"date": "2026-06-10T13:14:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:2340-1",
"initial_release_date": "2026-06-10T13:14:46Z",
"revision_history": [
{
"date": "2026-06-10T13:14:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.aarch64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.aarch64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.26.1.noarch",
"product": {
"name": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.26.1.noarch",
"product_id": "kubernetes1.23-client-bash-completion-1.23.17-150500.3.26.1.noarch"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.26.1.noarch",
"product": {
"name": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.26.1.noarch",
"product_id": "kubernetes1.23-client-fish-completion-1.23.17-150500.3.26.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.ppc64le",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.ppc64le",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.s390x",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.s390x",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-apiserver-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-controller-manager-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-kubeadm-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-kubelet-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-kubelet-common-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-proxy-1.23.17-150500.3.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.x86_64",
"product": {
"name": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.x86_64",
"product_id": "kubernetes1.23-scheduler-1.23.17-150500.3.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
},
"product_reference": "kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-33814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-33814"
}
],
"notes": [
{
"category": "general",
"text": "When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-33814",
"url": "https://www.suse.com/security/cve/CVE-2026-33814"
},
{
"category": "external",
"summary": "SUSE Bug 1264506 for CVE-2026-33814",
"url": "https://bugzilla.suse.com/1264506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-10T13:14:46Z",
"details": "important"
}
],
"title": "CVE-2026-33814"
},
{
"cve": "CVE-2026-35469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-35469"
}
],
"notes": [
{
"category": "general",
"text": "spdystream is a Go library for multiplexing streams over SPDY connections. In versions 0.5.0 and below, the SPDY/3 frame parser does not validate attacker-controlled counts and lengths before allocating memory. Three allocation paths are affected: the SETTINGS frame entry count, the header count in parseHeaderValueBlock, and individual header field sizes - all read as 32-bit integers and used directly as allocation sizes with no bounds checking. Because SPDY header blocks are zlib-compressed, a small on-the-wire payload can decompress into large attacker-controlled values. A remote peer that can send SPDY frames to a service using spdystream can exhaust process memory and cause an out-of-memory crash with a single crafted control frame. This issue has been fixed in version 0.5.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-35469",
"url": "https://www.suse.com/security/cve/CVE-2026-35469"
},
{
"category": "external",
"summary": "SUSE Bug 1262264 for CVE-2026-35469",
"url": "https://bugzilla.suse.com/1262264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-1.23.17-150500.3.26.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:kubernetes1.23-client-common-1.23.17-150500.3.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-10T13:14:46Z",
"details": "moderate"
}
],
"title": "CVE-2026-35469"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…