CLSA-2026-1777029448

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777029448.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1777029448
Upstream
  • CVE-2026-25679
Published
2026-04-24T11:17:32Z
Modified
2026-06-01T00:32:48.650768548Z
Summary
containernetworking-plugins: Fix of CVE-2026-25679
Details
  • rebuild with newer golang version 1.25.7-1.el9_6.tuxcare.els2 to fix the following CVE
    • CVE-2026-25679: reject IPv6 literals not at the start of the host subcomponent in net/url.Parse to prevent URL authority validation bypass
References

Affected packages

TuxCare:AlmaLinux:9.6 / containernetworking-plugins

Package

Name
containernetworking-plugins
Purl
pkg:rpm/tuxcare/containernetworking-plugins?distro=almalinux-9.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.6.2-2.el9_6.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1777029448.json"