Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
RHSA-2026:36199
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2026:36199
Import Source
https://security.access.redhat.com/data/osv/RHSA-2026:36199.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2026:36199
Upstream
CVE-2026-39829
CVE-2026-39830
CVE-2026-39832
CVE-2026-39835
Related
GO-2026-5006
GO-2026-5015
GO-2026-5017
GO-2026-5018
Published
2026-07-08T10:09:13Z
Modified
2026-07-09T10:12:25Z
Severity
8.7 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: buildah security update
Details
References
https://access.redhat.com/errata/RHSA-2026:36199
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2480680
https://bugzilla.redhat.com/show_bug.cgi?id=2480681
https://bugzilla.redhat.com/show_bug.cgi?id=2480684
https://bugzilla.redhat.com/show_bug.cgi?id=2480685
https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_36199.json
https://access.redhat.com/security/cve/CVE-2026-39829
https://www.cve.org/CVERecord?id=CVE-2026-39829
https://nvd.nist.gov/vuln/detail/CVE-2026-39829
https://go.dev/cl/781641
https://go.dev/cl/781661
https://go.dev/issue/79565
https://groups.google.com/g/golang-announce/c/a082jnz-LvI
https://pkg.go.dev/vuln/GO-2026-5018
https://access.redhat.com/security/cve/CVE-2026-39830
https://www.cve.org/CVERecord?id=CVE-2026-39830
https://nvd.nist.gov/vuln/detail/CVE-2026-39830
https://go.dev/cl/781640
https://go.dev/cl/781664
https://go.dev/issue/79564
https://pkg.go.dev/vuln/GO-2026-5017
https://access.redhat.com/security/cve/CVE-2026-39832
https://www.cve.org/CVERecord?id=CVE-2026-39832
https://nvd.nist.gov/vuln/detail/CVE-2026-39832
https://go.dev/cl/778642
https://go.dev/issue/79435
https://pkg.go.dev/vuln/GO-2026-5006
https://access.redhat.com/security/cve/CVE-2026-39835
https://www.cve.org/CVERecord?id=CVE-2026-39835
https://nvd.nist.gov/vuln/detail/CVE-2026-39835
https://go.dev/cl/781660
https://go.dev/issue/79563
https://pkg.go.dev/vuln/GO-2026-5015
Affected packages
Red Hat:enterprise_linux:10.2
buildah
Package
Name
buildah
Purl
pkg:rpm/redhat/buildah
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.43.1-3.el10_2
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:36199.json"
buildah-debuginfo
Package
Name
buildah-debuginfo
Purl
pkg:rpm/redhat/buildah-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.43.1-3.el10_2
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:36199.json"
buildah-debugsource
Package
Name
buildah-debugsource
Purl
pkg:rpm/redhat/buildah-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.43.1-3.el10_2
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:36199.json"
buildah-tests
Package
Name
buildah-tests
Purl
pkg:rpm/redhat/buildah-tests
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.43.1-3.el10_2
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:36199.json"
buildah-tests-debuginfo
Package
Name
buildah-tests-debuginfo
Purl
pkg:rpm/redhat/buildah-tests-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
2:1.43.1-3.el10_2
Database specific
source
"https://security.access.redhat.com/data/osv/RHSA-2026:36199.json"
RHSA-2026:36199 - OSV