{"id":"UBUNTU-CVE-2026-39830","details":"(A malicious SSH peer could send unsolicited global request responses t ...)","modified":"2026-05-25T09:30:09.699637747Z","published":"2026-05-22T00:00:00Z","upstream":["CVE-2026-39830"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-39830"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2026-39830"},{"type":"REPORT","url":"https://go.dev/issue/79564"},{"type":"REPORT","url":"https://groups.google.com/g/golang-announce/c/a082jnz-LvI"},{"type":"REPORT","url":"https://go.dev/cl/781640"},{"type":"REPORT","url":"https://go.dev/cl/781664"},{"type":"REPORT","url":"https://pkg.go.dev/vuln/GO-2026-5017"}],"affected":[{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=esm-infra%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.0~git20150608-1","1:0.0~git20151201.0.7b85b09-2","1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-go.crypto-dev","binary_version":"1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1"},{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"lxd","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/lxd?arch=source&distro=esm-infra%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.20-0ubuntu4","0.21-0ubuntu3","0.21-0ubuntu5","0.22-0ubuntu1","0.22-0ubuntu2","0.23-0ubuntu1","0.23-0ubuntu2","0.23-0ubuntu3","0.24-0ubuntu2","0.24-0ubuntu3","0.24-0ubuntu4","0.25-0ubuntu1","0.26-0ubuntu2","0.26-0ubuntu3","0.27-0ubuntu1","0.27-0ubuntu2","2.0.0~beta1-0ubuntu3","2.0.0~beta1-0ubuntu4","2.0.0~beta2-0ubuntu1","2.0.0~beta2-0ubuntu2","2.0.0~beta3-0ubuntu1","2.0.0~beta3-0ubuntu2","2.0.0~beta3-0ubuntu3","2.0.0~beta3-0ubuntu4","2.0.0~beta4-0ubuntu1","2.0.0~beta4-0ubuntu2","2.0.0~beta4-0ubuntu3","2.0.0~beta4-0ubuntu4","2.0.0~beta4-0ubuntu5","2.0.0~beta4-0ubuntu6","2.0.0~beta4-0ubuntu7","2.0.0~rc1-0ubuntu1","2.0.0~rc1-0ubuntu2","2.0.0~rc1-0ubuntu3","2.0.0~rc2-0ubuntu2","2.0.0~rc2-0ubuntu3","2.0.0~rc3-0ubuntu1","2.0.0~rc3-0ubuntu2","2.0.0~rc3-0ubuntu3","2.0.0~rc3-0ubuntu4","2.0.0~rc4-0ubuntu1","2.0.0~rc5-0ubuntu1","2.0.0~rc6-0ubuntu1","2.0.0~rc6-0ubuntu2","2.0.0~rc7-0ubuntu1","2.0.0~rc7-0ubuntu2","2.0.0~rc8-0ubuntu1","2.0.0~rc8-0ubuntu2","2.0.0~rc8-0ubuntu3","2.0.0~rc8-0ubuntu5","2.0.0~rc8-0ubuntu6","2.0.0~rc8-0ubuntu7","2.0.0~rc9-0ubuntu2","2.0.0~rc9-0ubuntu3","2.0.0~rc9-0ubuntu4","2.0.0~rc9-0ubuntu5","2.0.0-0ubuntu1","2.0.0-0ubuntu2","2.0.0-0ubuntu3","2.0.0-0ubuntu4","2.0.1-0ubuntu1~16.04.1","2.0.2-0ubuntu1~16.04.1","2.0.3-0ubuntu1~ubuntu16.04.2","2.0.4-0ubuntu1~ubuntu16.04.1","2.0.5-0ubuntu1~ubuntu16.04.1","2.0.8-0ubuntu1~ubuntu16.04.1","2.0.8-0ubuntu1~ubuntu16.04.2","2.0.9-0ubuntu1~16.04.1","2.0.9-0ubuntu1~16.04.2","2.0.10-0ubuntu1~16.04.1","2.0.10-0ubuntu1~16.04.2","2.0.11-0ubuntu1~16.04.2","2.0.11-0ubuntu1~16.04.4","2.0.11-0ubuntu1~16.04.4+esm1","2.0.11-0ubuntu1~16.04.4+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-lxc-lxd-dev","binary_version":"2.0.11-0ubuntu1~16.04.4+esm2"},{"binary_name":"lxc2","binary_version":"2.0.11-0ubuntu1~16.04.4+esm2"},{"binary_name":"lxd","binary_version":"2.0.11-0ubuntu1~16.04.4+esm2"},{"binary_name":"lxd-client","binary_version":"2.0.11-0ubuntu1~16.04.4+esm2"},{"binary_name":"lxd-tools","binary_version":"2.0.11-0ubuntu1~16.04.4+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=esm-infra%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.9","1.9.1.1","1.9.2","2.0","2.0.1","2.0.2","2.0.3","2.0.5","2.0.8","2.0.9","2.0.10","2.11+0.16.04","2.12+0.16.04","2.13","2.14.2~16.04","2.15.2ubuntu1","2.16ubuntu3","2.17.1ubuntu1","2.20.1ubuntu1","2.21","2.22.2","2.22.3","2.22.6","2.23.1","2.24.1","2.25","2.26.10","2.27.5","2.28.5","2.29.4.2","2.32.3.2","2.32.9","2.33.1ubuntu2","2.34.2","2.34.2ubuntu0.1","2.37.4","2.37.4ubuntu0.1","2.38","2.39.2","2.39.2ubuntu0.2","2.40","2.42.1","2.45.1","2.45.1ubuntu0.2","2.46.1","2.47.1","2.48","2.48.3","2.54.3+16.04~esm2","2.54.3+16.04.0ubuntu0.1~esm3","2.54.3+16.04.0ubuntu0.1~esm4","2.54.3+16.04.0ubuntu0.1~esm5","2.54.3+16.04.0ubuntu0.1~esm6","2.61.4ubuntu0.16.04.1+esm1","2.61.4ubuntu0.16.04.1+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"golang-github-ubuntu-core-snappy-dev","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"snap-confine","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"snapd","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"snapd-xdg-open","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"ubuntu-core-launcher","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"ubuntu-core-snapd-units","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"ubuntu-snappy","binary_version":"2.61.4ubuntu0.16.04.1+esm2"},{"binary_name":"ubuntu-snappy-cli","binary_version":"2.61.4ubuntu0.16.04.1+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20201217.02-0ubuntu1~16.04.0","20230426.00-0ubuntu2~16.04.3","20231004.02-0ubuntu1~16.04.1","20231004.02-0ubuntu1~16.04.2","20240716.00-0ubuntu1~16.04.0","20240716.00-0ubuntu1~16.04.0+esm1","20240716.00-0ubuntu1~16.04.0+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20240716.00-0ubuntu1~16.04.0+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"lxd","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/lxd?arch=source&distro=esm-infra%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.18-0ubuntu6","2.19-0ubuntu1","2.20-0ubuntu3","2.20-0ubuntu4","2.21-0ubuntu1","2.21-0ubuntu2","2.21-0ubuntu3","2.21-0ubuntu4","3.0.0~beta2-0ubuntu3","3.0.0~beta3-0ubuntu3","3.0.0~beta5-0ubuntu2","3.0.0~beta7-0ubuntu1","3.0.0-0ubuntu1","3.0.0-0ubuntu2","3.0.0-0ubuntu3","3.0.0-0ubuntu4","3.0.1-0ubuntu1~18.04.1","3.0.2-0ubuntu1~18.04.1","3.0.3-0ubuntu1~18.04.1","3.0.3-0ubuntu1~18.04.2","3.0.3-0ubuntu1~18.04.2+esm1","3.0.3-0ubuntu1~18.04.2+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"lxd","binary_version":"3.0.3-0ubuntu1~18.04.2+esm2"},{"binary_name":"lxd-client","binary_version":"3.0.3-0ubuntu1~18.04.2+esm2"},{"binary_name":"lxd-tools","binary_version":"3.0.3-0ubuntu1~18.04.2+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=esm-infra%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.28.5+17.10","2.29.4.1+18.04","2.29.4.2+18.04","2.31.1+18.04","2.32+18.04~pre5","2.32+18.04~pre6","2.32+18.04","2.32.3.2+18.04","2.32.5+18.04","2.32.8+18.04","2.32.9+18.04","2.33.1+18.04ubuntu2","2.34.2+18.04","2.34.2+18.04.1","2.37.1+18.04","2.37.1.1+18.04","2.37.4+18.04","2.37.4+18.04.1","2.38+18.04","2.39.2+18.04","2.40+18.04","2.42.1+18.04","2.45.1+18.04","2.45.1+18.04.2","2.46.1+18.04","2.47.1+18.04","2.48+18.04","2.48.3+18.04","2.49.2+18.04","2.51.1+18.04","2.54.2+18.04ubuntu1","2.54.3+18.04","2.54.3+18.04.2ubuntu0.1","2.54.3+18.04.2ubuntu0.2","2.55.5+18.04","2.57.5+18.04","2.57.5+18.04ubuntu0.1","2.58+18.04","2.58+18.04.1","2.61.4ubuntu0.18.04.1+esm1","2.61.4ubuntu0.18.04.1+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"golang-github-ubuntu-core-snappy-dev","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"snap-confine","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"snapd","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"snapd-xdg-open","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"ubuntu-core-launcher","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"ubuntu-core-snapd-units","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"ubuntu-snappy","binary_version":"2.61.4ubuntu0.18.04.1+esm2"},{"binary_name":"ubuntu-snappy-cli","binary_version":"2.61.4ubuntu0.18.04.1+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.0~git20170629.0.5ef0053-1ubuntu1","1:0.0~git20170629.0.5ef0053-1ubuntu2","1:0.0~git20170629.0.5ef0053-2","1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-go.crypto-dev","binary_version":"1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm1"},{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.0~git20170629.0.5ef0053-2ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=esm-apps%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20201217.02-0ubuntu1~18.04.0","20210414.00-0ubuntu1~18.04.0","20210629.00-0ubuntu1~18.04.1","20220622.00-0ubuntu2~18.04.0","20220622.00-0ubuntu2~18.04.1","20230426.00-0ubuntu2~18.04.0","20231004.02-0ubuntu1~18.04.2","20231004.02-0ubuntu1~18.04.3","20240716.00-0ubuntu1~18.04.0","20241011.01-0ubuntu1~18.04.0","20241011.01-0ubuntu1~18.04.0+esm1","20241011.01-0ubuntu1~18.04.0+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20241011.01-0ubuntu1~18.04.0+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20201217.02-0ubuntu1~20.04.0","20210414.00-0ubuntu1~20.04.0","20210629.00-0ubuntu1~20.04.0","20220622.00-0ubuntu2~20.04.0","20220622.00-0ubuntu2~20.04.2","20230426.00-0ubuntu2~20.04.0","20231004.02-0ubuntu1~20.04.1","20231004.02-0ubuntu1~20.04.2","20231004.02-0ubuntu1~20.04.3","20231004.02-0ubuntu1~20.04.4","20240716.00-0ubuntu1~20.04.0","20241011.01-0ubuntu1~20.04.1","20250116.00-0ubuntu1~20.04.0","20250116.00-0ubuntu1~20.04.0+esm1","20250116.00-0ubuntu1~20.04.0+esm2"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20250116.00-0ubuntu1~20.04.0+esm2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.41+19.10.1","2.42.1+20.04","2.43.3+git1.8109f8","2.44~pre1+20.04","2.44+20.04","2.44.2+20.04","2.44.3+20.04","2.45.1+20.04","2.45.1+20.04.2","2.46.1+20.04","2.47.1+20.04","2.48+20.04","2.48.3+20.04","2.49.2+20.04","2.51.1+20.04ubuntu2","2.54.2+20.04ubuntu2","2.54.3+20.04","2.54.3+20.04.1","2.54.3+20.04.1ubuntu0.1","2.54.3+20.04.1ubuntu0.2","2.54.3+20.04.1ubuntu0.3","2.55.5+20.04","2.57.5+20.04","2.57.5+20.04ubuntu0.1","2.58+20.04","2.58+20.04.1","2.61.3+20.04","2.62+20.04","2.63+20.04","2.63+20.04ubuntu0.1","2.65.3+20.04","2.66.1+20.04","2.67.1+20.04","2.67.1+20.04ubuntu1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"golang-github-ubuntu-core-snappy-dev","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"snap-confine","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"snapd","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"snapd-xdg-open","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"ubuntu-core-launcher","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"ubuntu-core-snapd-units","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"ubuntu-snappy","binary_version":"2.67.1+20.04ubuntu1~esm1"},{"binary_name":"ubuntu-snappy-cli","binary_version":"2.67.1+20.04ubuntu1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=esm-apps%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.0~git20190701.4def268-2","1:0.0~git20200221.2aa609c-1","1:0.0~git20200221.2aa609c-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.0~git20200221.2aa609c-1ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20210629.00-0ubuntu1","20210629.00-0ubuntu2","20220104.00-0ubuntu1","20220104.00-0ubuntu2","20220622.00-0ubuntu2~22.04.0","20220622.00-0ubuntu2~22.04.1","20230426.00-0ubuntu2~22.04.0","20231004.02-0ubuntu1~22.04.1","20231004.02-0ubuntu1~22.04.2","20231004.02-0ubuntu1~22.04.3","20231004.02-0ubuntu1~22.04.4","20231004.02-0ubuntu1~22.04.5","20240716.00-0ubuntu1~22.04.0","20241011.01-0ubuntu1~22.04.0","20250116.00-0ubuntu1~22.04.0","20250116.00-0ubuntu1~22.04.1","20250116.00-0ubuntu1~22.04.2"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20250116.00-0ubuntu1~22.04.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.53+21.10ubuntu1","2.54.2+22.04ubuntu1","2.54.2+22.04ubuntu2","2.54.2+22.04ubuntu3","2.54.3+git19.g868fc21+22.04","2.54.3+git26.g360067e+22.04","2.55.2+22.04","2.55.2+22.04.1","2.55.3+22.04","2.55.3+22.04ubuntu1","2.55.5+22.04","2.56.2+22.04ubuntu1","2.57.4+22.04","2.57.5+22.04","2.57.5+22.04ubuntu0.1","2.58+22.04","2.58+22.04.1","2.61.3+22.04","2.62+22.04","2.63+22.04","2.63+22.04ubuntu0.1","2.65.3+22.04","2.66.1+22.04","2.67.1+22.04","2.68.5+ubuntu22.04.1","2.71+ubuntu22.04","2.72+ubuntu22.04","2.73+ubuntu22.04","2.73+ubuntu22.04.1","2.74.1+ubuntu22.04.4","2.75.2+ubuntu22.04"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"golang-github-ubuntu-core-snappy-dev","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"snap-confine","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"snapd","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"snapd-xdg-open","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"ubuntu-core-launcher","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"ubuntu-core-snapd-units","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"ubuntu-snappy","binary_version":"2.75.2+ubuntu22.04"},{"binary_name":"ubuntu-snappy-cli","binary_version":"2.75.2+ubuntu22.04"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=esm-apps%2Fjammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.0~git20201221.eec23a3-1","1:0.0~git20211202.5770296-1","1:0.0~git20211202.5770296-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.0~git20211202.5770296-1ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20230426.00-0ubuntu3","20231004.02-0ubuntu1","20231004.02-0ubuntu3","20240213.00-0ubuntu1","20240213.00-0ubuntu2","20240213.00-0ubuntu3","20240213.00-0ubuntu3.1","20240213.00-0ubuntu3.2","20240716.00-0ubuntu1~24.04.0","20240716.00-0ubuntu1~24.04.1","20241011.01-0ubuntu1~24.04.0","20250116.00-0ubuntu1~24.04.0","20250116.00-0ubuntu1~24.04.1","20250116.00-0ubuntu1~24.04.2","20250116.00-0ubuntu1~24.04.3"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20250116.00-0ubuntu1~24.04.3"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.60.4+23.10","2.61.3+24.04","2.62+24.04build1","2.63+24.04","2.63+24.04ubuntu0.1","2.63.1+24.04","2.65.3+24.04","2.66.1+24.04","2.67.1+24.04","2.68.5+ubuntu24.04.1","2.71+ubuntu24.04","2.72+ubuntu24.04","2.73+ubuntu24.04","2.73+ubuntu24.04.1","2.73+ubuntu24.04.2","2.74.1+ubuntu24.04.4","2.75.2+ubuntu24.04"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"golang-github-ubuntu-core-snappy-dev","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"snap-confine","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"snapd","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"snapd-xdg-open","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"ubuntu-core-launcher","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"ubuntu-core-snapd-units","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"ubuntu-snappy","binary_version":"2.75.2+ubuntu24.04"},{"binary_name":"ubuntu-snappy-cli","binary_version":"2.75.2+ubuntu24.04"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=esm-apps%2Fnoble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.4.0-1","1:0.17.0-1","1:0.18.0-1","1:0.19.0-1","1:0.19.0-1ubuntu0.1~esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.19.0-1ubuntu0.1~esm1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.25.0-1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.25.0-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20250116.00-0ubuntu2","20250506.01-0ubuntu1","20250506.01-0ubuntu1.1"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20250506.01-0ubuntu1.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.67.1+25.04","2.68.5+ubuntu25.10.2","2.71+ubuntu25.10","2.71.1+ubuntu25.10.1","2.72+ubuntu25.10.2","2.73+ubuntu25.10","2.73+ubuntu25.10.1","2.74.1+ubuntu25.10.4","2.75.2+ubuntu25.10"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"golang-github-ubuntu-core-snappy-dev","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"snap-confine","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"snapd","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"snapd-xdg-open","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"ubuntu-core-launcher","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"ubuntu-core-snapd-units","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"ubuntu-snappy","binary_version":"2.75.2+ubuntu25.10"},{"binary_name":"ubuntu-snappy-cli","binary_version":"2.75.2+ubuntu25.10"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"golang-go.crypto","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/golang-go.crypto?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:0.25.0-1","1:0.45.0-1","1:0.47.0-1"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-golang-x-crypto-dev","binary_version":"1:0.47.0-1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"google-guest-agent","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/google-guest-agent?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["20250506.01-0ubuntu1","20250506.01-0ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_name":"google-guest-agent","binary_version":"20250506.01-0ubuntu2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}},{"package":{"name":"snapd","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/snapd?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["2.71.1+ubuntu25.10.1","2.72+ubuntu26.04.1","2.73+ubuntu26.04.1","2.74+ubuntu26.04","2.74.1+ubuntu26.04","2.74.1+ubuntu26.04.3","2.74.1+ubuntu26.04.4","2.75.2+ubuntu26.04.2"],"ecosystem_specific":{"binaries":[{"binary_name":"golang-github-snapcore-snapd-dev","binary_version":"2.75.2+ubuntu26.04.2"},{"binary_name":"snapd","binary_version":"2.75.2+ubuntu26.04.2"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-39830.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]}