BDU:2026-07251

Published: 08 Apr 2026
Source: fstec
CVSS3: 7.5
CVSS2: 7.8
EPSS: Low

Description

A vulnerability in the Go programming language is related to errors in the certificate authentication procedure. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service.

Vendor

Red Hat Inc.
Free software community
Red Soft LLC
The Go Project

Software name

Red Hat Enterprise Linux
Red Hat Quay
Red Hat AMQ Broker
Red Hat 3scale API Management Platform
Openshift Service Mesh
Debian GNU/Linux
RED OS
Red Hat Openshift Data Foundation
Red Hat Advanced Cluster Management for Kubernetes
Red Hat OpenShift GitOps
Red Hat OpenShift Container Platform
Red Hat Satellite
Red Hat OpenStack Platform
Red Hat Web Terminal
Red Hat OpenShift on AWS
Node HealthCheck Operator
Network Observability Operator
Red Hat OpenShift Virtualization
OpenShift Serverless
Red Hat Developer Tools
OpenShift Dev Spaces
Migration Toolkit for Containers
OpenShift Pipelines
OpenShift API for Data Protection
Logical Volume Manager Storage Operator
Red Hat Advanced Cluster Security
Logging subsystem for Red Hat OpenShift
Red Hat Developer Hub
multicluster engine for Kubernetes
Jboss Web Server
OpenShift AI
Red Hat OpenShift Lightspeed
Red Hat OpenShift Cluster Manager CLI
Red Hat Trusted Artifact Signer
Red Hat build of Apicurio Registry
Red Hat build of Apache Camel
Cryostat
Builds for Red Hat OpenShift
cert-manager Operator for Red Hat OpenShift
Confidential Compute Attestation
Custom Metric Autoscaler operator for Red Hat Openshift
Multiarch Tuning Operator
Multicluster Global Hub
Assisted Installer for Red Hat OpenShift Container Platform
Streams for Apache Kafka
Mirror registry for Red Hat OpenShift
Red Hat Certification Program for Red Hat Enterprise Linux
Red Hat Enterprise Linux AI
Service Telemetry Framework
External Secrets Operator for Red Hat OpenShift
Red Hat OpenShift distributed tracing
Ansible Automation Platform
Red Hat Hardened Images
Go
Compliance Operator
Deployment Validation Operator
ExternalDNS Operator
File Integrity Operator
Machine Deletion Remediation Operator
Migration Toolkit for Applications
OpenShift Source-to-Image
Red Hat Edge Manager
Red Hat OpenShift Dev Workspaces Operator
Red Hat Service Interconnect
Security Profiles Operator
Zero Trust Workload Identity Manager

Software version

7 (Red Hat Enterprise Linux)
8 (Red Hat Enterprise Linux)
3 (Red Hat Quay)
7 (Red Hat AMQ Broker)
2 (Red Hat 3scale API Management Platform)
2 (Openshift Service Mesh)
11 (Debian GNU/Linux)
12 (Debian GNU/Linux)
7.3 (RED OS)
4 (Red Hat Openshift Data Foundation)
2 (Red Hat Advanced Cluster Management for Kubernetes)
- (Red Hat OpenShift GitOps)
4 (Red Hat OpenShift Container Platform)
6 (Red Hat Satellite)
9 (Red Hat Enterprise Linux)
16.2 (Red Hat OpenStack Platform)
- (Red Hat Web Terminal)
- (Red Hat OpenShift on AWS)
- (Node HealthCheck Operator)
- (Network Observability Operator)
4 (Red Hat OpenShift Virtualization)
- (OpenShift Serverless)
- (Red Hat Developer Tools)
- (OpenShift Dev Spaces)
17.1 (Red Hat OpenStack Platform)
- (Migration Toolkit for Containers)
- (OpenShift Pipelines)
- (OpenShift API for Data Protection)
- (Logical Volume Manager Storage Operator)
4 (Red Hat Advanced Cluster Security)
- (Logging subsystem for Red Hat OpenShift)
- (Red Hat Developer Hub)
- (multicluster engine for Kubernetes)
18.0 (Red Hat OpenStack Platform)
6 (Jboss Web Server)
- (OpenShift AI)
- (Red Hat OpenShift Lightspeed)
- (Red Hat OpenShift Cluster Manager CLI)
- (Red Hat Trusted Artifact Signer)
2 (Red Hat build of Apicurio Registry)
10 (Red Hat Enterprise Linux)
HawtIO 4 (Red Hat build of Apache Camel)
4 (Cryostat)
3 (Openshift Service Mesh)
- (Builds for Red Hat OpenShift)
- (cert-manager Operator for Red Hat OpenShift)
- (Confidential Compute Attestation)
- (Custom Metric Autoscaler operator for Red Hat Openshift)
- (Multiarch Tuning Operator)
- (Multicluster Global Hub)
13 (Debian GNU/Linux)
2 (Assisted Installer for Red Hat OpenShift Container Platform)
3 (Streams for Apache Kafka)
8.0 (RED OS)
2 (Mirror registry for Red Hat OpenShift)
9 (Red Hat Certification Program for Red Hat Enterprise Linux)
3 (Red Hat Enterprise Linux AI)
1.5 (Service Telemetry Framework)
- (External Secrets Operator for Red Hat OpenShift)
3 (Red Hat OpenShift distributed tracing)
2 (Ansible Automation Platform)
- (Red Hat Hardened Images)
up to 1.25.9 (Go)
from 1.26.0 up to 1.26.2 (Go)
- (Compliance Operator)
- (Deployment Validation Operator)
- (ExternalDNS Operator)
- (File Integrity Operator)
- (Machine Deletion Remediation Operator)
8 (Migration Toolkit for Applications)
- (OpenShift Source-to-Image)
1 (Red Hat Edge Manager)
- (Red Hat OpenShift Dev Workspaces Operator)
2 (Red Hat Service Interconnect)
- (Security Profiles Operator)
- (Zero Trust Workload Identity Manager)
Tech Preview (Zero Trust Workload Identity Manager)

Software type

Operating system
Application software for information systems
Network tool
Software of a hardware-software appliance
Virtualization software / software of a virtual hardware-software appliance
AI development software

Operating systems and hardware platforms

Red Hat Inc. Red Hat Enterprise Linux 7
Red Hat Inc. Red Hat Enterprise Linux 8
Free software community Debian GNU/Linux 11
Free software community Debian GNU/Linux 12
Red Soft LLC RED OS 7.3
Red Hat Inc. Red Hat Enterprise Linux 9
Red Hat Inc. Red Hat Enterprise Linux 10
Free software community Debian GNU/Linux 13
Red Soft LLC RED OS 8.0
Red Hat Inc. Red Hat Enterprise Linux AI 3

Vulnerability severity level

High severity (CVSS 2.0 base score is 7.8)
High severity (CVSS 3.1 base score is 7.5)

Possible remediation measures

Follow the vendor's recommendations:
https://pkg.go.dev/vuln/GO-2026-4946
For RED OS:
https://redos.red-soft.ru/search/?iblock_id=24&q=CVE-2026-32281
For Debian GNU/Linux:
https://security-tracker.debian.org/tracker/CVE-2026-32281
For Red Hat Inc. software products:
https://access.redhat.com/security/cve/cve-2026-32281

Vulnerability status

Confirmed by the vendor

Exploit availability

Data is being clarified

Remediation information

Vulnerability has been fixed

Identifiers in other vulnerability description systems

EPSS

Percentile: 27%
0.00349
Low

7.5 High

CVSS3

7.8 High

CVSS2

Related vulnerabilities

CVSS3: 7.5
redos
about 2 months ago

golang vulnerability

CVSS3: 7.5
ubuntu
3 months ago

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

CVSS3: 5.9
redhat
3 months ago

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

CVSS3: 7.5
nvd
3 months ago

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

msrc
2 months ago

Inefficient policy validation in crypto/x509
