{"id":"CGA-3ffc-xphp-rpj5","modified":"2026-07-17T18:33:26.777369468Z","published":"2026-04-10T21:43:18Z","upstream":["CVE-2026-32289","GHSA-7mr4-xjxg-34g6","GO-2026-4865"],"references":[{"type":"WEB","url":"https://go.dev/cl/763762"},{"type":"WEB","url":"https://go.dev/issue/78331"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"type":"WEB","url":"https://pkg.go.dev"},{"type":"WEB","url":"https://pkg.go.dev/vuln/GO-2026-4865"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/32xxx/CVE-2026-32289.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32289"}],"affected":[{"package":{"name":"mesosphere-vsphere-csi-driver-fips","ecosystem":"Chainguard","purl":"pkg:apk/chainguard/mesosphere-vsphere-csi-driver-fips?arch=x86_64"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.0-r10"}]}],"ecosystem_specific":{"components":[{"component_version":"go1.25.8","component_type":"go-module","component_location":"/usr/bin/vsphere-csi","component_purl":"pkg:golang/stdlib@go1.25.8","latest_event_status":"fixed","latest_event_timestamp":"2026-06-02T01:39:32Z","architecture":"x86_64","component_name":"stdlib"}]},"database_specific":{"source":"https://advisories.cgr.dev/chainguard/v3/osv/CGA-3ffc-xphp-rpj5.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}