CVE-2026-42508

EUVD-2026-31399
Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
golangcrypto
𝑥
< 0.52.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
golang-go.crypto
bookworm
vulnerable
bullseye
postponed
forky
1:0.53.0-1
fixed
sid
1:0.53.0-1
fixed
trixie
vulnerable
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
amazon-ssm-agent
suse enterprise sap 15 SP4
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP5
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP6
3.3.4624.0-150000.5.37.1
fixed
suse enterprise sap 15 SP7
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP4
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP5
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP6
3.3.4624.0-150000.5.37.1
fixed
suse enterprise server 15 SP7
3.3.4624.0-150000.5.37.1
fixed
apptainer
suse enterprise server 15 SP6
1.5.1-150600.4.24.1
fixed
apptainer-sle15_6
suse enterprise server 15 SP6
1.5.1-150600.4.24.1
fixed
buildah
suse enterprise sap 15 SP7
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP4
1.35.5-150400.3.68.1
fixed
suse enterprise server 15 SP5
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP6
1.35.5-150500.3.62.1
fixed
suse enterprise server 15 SP7
1.35.5-150500.3.62.1
fixed
google-guest-agent
suse enterprise sap 15 SP4
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP5
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP6
20260529.00-150000.1.70.1
fixed
suse enterprise sap 15 SP7
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP4
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP5
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP6
20260529.00-150000.1.70.1
fixed
suse enterprise server 15 SP7
20260529.00-150000.1.70.1
fixed
google-osconfig-agent
suse enterprise sap 15 SP4
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP5
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP6
20260615.01-150000.1.55.1
fixed
suse enterprise sap 15 SP7
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP4
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP5
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP6
20260615.01-150000.1.55.1
fixed
suse enterprise server 15 SP7
20260615.01-150000.1.55.1
fixed
podman
suse enterprise sap 15 SP7
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP4
4.9.5-150400.4.74.2
fixed
suse enterprise server 15 SP5
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP6
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP7
4.9.5-150500.3.73.2
fixed
podman-docker
suse enterprise sap 15 SP7
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP4
4.9.5-150400.4.74.2
fixed
suse enterprise server 15 SP5
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP6
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP7
4.9.5-150500.3.73.2
fixed
podman-remote
suse enterprise sap 15 SP7
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP4
4.9.5-150400.4.74.2
fixed
suse enterprise server 15 SP5
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP6
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP7
4.9.5-150500.3.73.2
fixed
podmansh
suse enterprise sap 15 SP7
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP5
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP6
4.9.5-150500.3.73.2
fixed
suse enterprise server 15 SP7
4.9.5-150500.3.73.2
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
amazon-cloudwatch-agent
Amazon Linux 2
0:1.300067.1-1.amzn2
fixed
Amazon Linux 2023
0:1.300067.1-1.amzn2023
fixed
containerd
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-debuginfo
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-debugsource
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-stress
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
containerd-stress-debuginfo
Amazon Linux 2023
0:2.2.4-1.amzn2023.0.1
fixed
docker
Amazon Linux 2023
0:25.0.16-1.amzn2023.0.1
fixed
docker-debuginfo
Amazon Linux 2023
0:25.0.16-1.amzn2023.0.1
fixed
docker-debugsource
Amazon Linux 2023
0:25.0.16-1.amzn2023.0.1
fixed
nerdctl
Amazon Linux 2
0:2.2.2-1.amzn2.0.3
fixed
Amazon Linux 2023
0:2.2.2-1.amzn2023.0.3
fixed
nerdctl-debuginfo
Amazon Linux 2
0:2.2.2-1.amzn2.0.3
fixed
rclone
Amazon Linux 2
0:1.55.1-1.amzn2.0.7
fixed
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
rclone-debuginfo
Amazon Linux 2
0:1.55.1-1.amzn2.0.7
fixed
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
rclone-debugsource
Amazon Linux 2023
0:1.74.2-80.amzn2023
fixed
runfinch-finch
Amazon Linux 2023
0:1.17.1-1.amzn2023.0.2
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
packer
Azure Linux 3.0
0:1.9.5-14.azl3
fixed
telegraf
Azure Linux 3.0
0:1.31.0-21.azl3
fixed