RHSA-2026:20569HighCVSS 7.5

Red Hat Security Advisory: buildah security update

Published
May 26, 2026
Last Modified
May 27, 2026

🔗 CVE IDs covered (4)

CVE-2026-34986CVE-2026-32280CVE-2026-32281CVE-2026-32283

📋 Description

CVE-2026-32280 — crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building CVE-2026-32281 — crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation CVE-2026-32283 — crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages CVE-2026-34986 — github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

🔗 References (7)