CVE-2025-23389
Vulnerability from cvelistv5
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2025-23389", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-11T00:00:00+00:00", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-12T03:55:10.469Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", packageName: "github.com/rancher/rancher", product: "rancher", vendor: "SUSE", versions: [ { lessThan: "2.8.13", status: "affected", version: "2.8.0", versionType: "semver", }, { lessThan: "2.9.7", status: "affected", version: "2.9.0", versionType: "semver", }, { lessThan: "2.10.3", status: "affected", version: "2.10.0", versionType: "semver", }, ], }, ], datePublic: "2025-02-27T17:27:00.000Z", descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.<br><p>This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.</p>", }, ], value: "A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.\nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { 
descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-11T10:46:43.655Z", orgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", shortName: "suse", }, references: [ { url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389", }, { url: "https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4", }, ], source: { discovery: "UNKNOWN", }, title: "Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "404e59f5-483d-4b8a-8e7a-e67604dd8afb", assignerShortName: "suse", cveId: "CVE-2025-23389", datePublished: "2025-04-11T10:46:43.655Z", dateReserved: "2025-01-15T12:39:03.324Z", dateUpdated: "2025-04-12T03:55:10.469Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2025-23389\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2025-04-11T11:15:42.620\",\"lastModified\":\"2025-04-11T15:39:52.920\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.\\nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de control de acceso inadecuado en SUSE Rancher permite a un usuario local suplantar otras identidades mediante la autenticación SAML en el primer inicio de sesión. 
Este problema afecta a Rancher: desde la versión 2.8.0 hasta la 2.8.13, desde la versión 2.9.0 hasta la 2.9.7, y desde la versión 2.10.0 hasta la 2.10.3.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389\",\"source\":\"meissner@suse.de\"},{\"url\":\"https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4\",\"source\":\"meissner@suse.de\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-23389\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-04-11T14:33:28.165255Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-04-11T14:33:32.973Z\"}}], \"cna\": {\"title\": \"Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": 
\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SUSE\", \"product\": \"rancher\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.8.0\", \"lessThan\": \"2.8.13\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.9.0\", \"lessThan\": \"2.9.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.10.0\", \"lessThan\": \"2.10.3\", \"versionType\": \"semver\"}], \"packageName\": \"github.com/rancher/rancher\", \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2025-02-27T17:27:00.000Z\", \"references\": [{\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389\"}, {\"url\": \"https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.\\nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.<br><p>This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.</p>\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284: Improper Access Control\"}]}], \"providerMetadata\": {\"orgId\": \"404e59f5-483d-4b8a-8e7a-e67604dd8afb\", 
\"shortName\": \"suse\", \"dateUpdated\": \"2025-04-11T10:46:43.655Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2025-23389\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-12T03:55:10.469Z\", \"dateReserved\": \"2025-01-15T12:39:03.324Z\", \"assignerOrgId\": \"404e59f5-483d-4b8a-8e7a-e67604dd8afb\", \"datePublished\": \"2025-04-11T10:46:43.655Z\", \"assignerShortName\": \"suse\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
opensuse-su-2025:14889-1
Vulnerability from csaf_opensuse
Notes
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "govulncheck-vulndb-0.0.20250312T181707-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the govulncheck-vulndb-0.0.20250312T181707-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2025-14889", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_14889-1.json", }, { category: "self", summary: "SUSE CVE CVE-2024-57603 page", url: "https://www.suse.com/security/cve/CVE-2024-57603/", }, { category: "self", summary: "SUSE CVE CVE-2024-57604 page", url: "https://www.suse.com/security/cve/CVE-2024-57604/", }, { category: "self", summary: "SUSE CVE CVE-2025-0426 page", url: "https://www.suse.com/security/cve/CVE-2025-0426/", }, { category: "self", summary: "SUSE CVE CVE-2025-1243 page", url: "https://www.suse.com/security/cve/CVE-2025-1243/", }, { category: "self", summary: "SUSE CVE CVE-2025-1293 page", url: "https://www.suse.com/security/cve/CVE-2025-1293/", }, { category: "self", summary: "SUSE CVE 
CVE-2025-1412 page", url: "https://www.suse.com/security/cve/CVE-2025-1412/", }, { category: "self", summary: "SUSE CVE CVE-2025-20051 page", url: "https://www.suse.com/security/cve/CVE-2025-20051/", }, { category: "self", summary: "SUSE CVE CVE-2025-22870 page", url: "https://www.suse.com/security/cve/CVE-2025-22870/", }, { category: "self", summary: "SUSE CVE CVE-2025-22952 page", url: "https://www.suse.com/security/cve/CVE-2025-22952/", }, { category: "self", summary: "SUSE CVE CVE-2025-23387 page", url: "https://www.suse.com/security/cve/CVE-2025-23387/", }, { category: "self", summary: "SUSE CVE CVE-2025-23388 page", url: "https://www.suse.com/security/cve/CVE-2025-23388/", }, { category: "self", summary: "SUSE CVE CVE-2025-23389 page", url: "https://www.suse.com/security/cve/CVE-2025-23389/", }, { category: "self", summary: "SUSE CVE CVE-2025-24016 page", url: "https://www.suse.com/security/cve/CVE-2025-24016/", }, { category: "self", summary: "SUSE CVE CVE-2025-24526 page", url: "https://www.suse.com/security/cve/CVE-2025-24526/", }, { category: "self", summary: "SUSE CVE CVE-2025-24806 page", url: "https://www.suse.com/security/cve/CVE-2025-24806/", }, { category: "self", summary: "SUSE CVE CVE-2025-24976 page", url: "https://www.suse.com/security/cve/CVE-2025-24976/", }, { category: "self", summary: "SUSE CVE CVE-2025-25196 page", url: "https://www.suse.com/security/cve/CVE-2025-25196/", }, { category: "self", summary: "SUSE CVE CVE-2025-25199 page", url: "https://www.suse.com/security/cve/CVE-2025-25199/", }, { category: "self", summary: "SUSE CVE CVE-2025-25204 page", url: "https://www.suse.com/security/cve/CVE-2025-25204/", }, { category: "self", summary: "SUSE CVE CVE-2025-25279 page", url: "https://www.suse.com/security/cve/CVE-2025-25279/", }, { category: "self", summary: "SUSE CVE CVE-2025-25294 page", url: "https://www.suse.com/security/cve/CVE-2025-25294/", }, { category: "self", summary: "SUSE CVE CVE-2025-27088 page", url: 
"https://www.suse.com/security/cve/CVE-2025-27088/", }, { category: "self", summary: "SUSE CVE CVE-2025-27090 page", url: "https://www.suse.com/security/cve/CVE-2025-27090/", }, { category: "self", summary: "SUSE CVE CVE-2025-27100 page", url: "https://www.suse.com/security/cve/CVE-2025-27100/", }, { category: "self", summary: "SUSE CVE CVE-2025-27112 page", url: "https://www.suse.com/security/cve/CVE-2025-27112/", }, { category: "self", summary: "SUSE CVE CVE-2025-27144 page", url: "https://www.suse.com/security/cve/CVE-2025-27144/", }, { category: "self", summary: "SUSE CVE CVE-2025-27155 page", url: "https://www.suse.com/security/cve/CVE-2025-27155/", }, { category: "self", summary: "SUSE CVE CVE-2025-27414 page", url: "https://www.suse.com/security/cve/CVE-2025-27414/", }, { category: "self", summary: "SUSE CVE CVE-2025-27421 page", url: "https://www.suse.com/security/cve/CVE-2025-27421/", }, { category: "self", summary: "SUSE CVE CVE-2025-27507 page", url: "https://www.suse.com/security/cve/CVE-2025-27507/", }, { category: "self", summary: "SUSE CVE CVE-2025-27509 page", url: "https://www.suse.com/security/cve/CVE-2025-27509/", }, ], title: "govulncheck-vulndb-0.0.20250312T181707-1.1 on GA media", tracking: { current_release_date: "2025-03-13T00:00:00Z", generator: { date: "2025-03-13T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2025:14889-1", initial_release_date: "2025-03-13T00:00:00Z", revision_history: [ { date: "2025-03-13T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", product: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", product_id: "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", 
name: "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", product: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", product_id: "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", product: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", product_id: "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", product: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", product_id: "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", }, product_reference: "govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", }, product_reference: "govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: 
"govulncheck-vulndb-0.0.20250312T181707-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", }, product_reference: "govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", }, product_reference: "govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2024-57603", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-57603", }, ], notes: [ { category: "general", text: "An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-57603", url: "https://www.suse.com/security/cve/CVE-2024-57603", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: 
"impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2024-57603", }, { cve: "CVE-2024-57604", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2024-57604", }, ], notes: [ { category: "general", text: "An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2024-57604", url: "https://www.suse.com/security/cve/CVE-2024-57604", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "critical", }, ], title: "CVE-2024-57604", }, { cve: "CVE-2025-0426", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-0426", }, ], notes: [ { category: "general", text: "A security issue was discovered in Kubernetes where a large number of container checkpoint requests made to the unauthenticated kubelet read-only HTTP endpoint may cause a Node Denial of Service by filling the Node's disk.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-0426", url: "https://www.suse.com/security/cve/CVE-2025-0426", }, { category: "external", summary: "SUSE Bug 1237189 for CVE-2025-0426", url: "https://bugzilla.suse.com/1237189", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.2, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-0426", }, { cve: "CVE-2025-1243", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-1243", }, ], notes: [ { category: "general", text: "The Temporal api-go library prior to version 1.44.1 did not send `update response` information to Data Converter when the proxy package within the api-go module was used in a gRPC proxy prior to transmission. 
This resulted in information contained within the `update response` field not having Data Converter transformations (e.g. encryption) applied. This is an issue only when using the UpdateWorkflowExecution APIs (released on 13th January 2025) with a proxy leveraging the api-go library before version 1.44.1.\n\nOther data fields were correctly sent to Data Converter. This issue does not impact the Data Converter server. Data was encrypted in transit. Temporal Cloud services are not impacted.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-1243", url: "https://www.suse.com/security/cve/CVE-2025-1243", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "low", }, ], title: "CVE-2025-1243", }, { cve: "CVE-2025-1293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-1293", }, ], notes: [ { category: "general", text: "Hermes versions up to 0.4.0 improperly validated the JWT provided when using the AWS ALB authentication mode, potentially allowing for authentication bypass. 
This vulnerability, CVE-2025-1293, was fixed in Hermes 0.5.0.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-1293", url: "https://www.suse.com/security/cve/CVE-2025-1293", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-1293", }, { cve: "CVE-2025-1412", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-1412", }, ], notes: [ { category: "general", text: "Mattermost versions 9.11.x <= 9.11.6, 10.4.x <= 10.4.1 fail to invalidate all active sessions when converting a user to a bot, with allows the converted user to escalate their privileges depending on the permissions granted to the bot.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: 
"CVE-2025-1412", url: "https://www.suse.com/security/cve/CVE-2025-1412", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "low", }, ], title: "CVE-2025-1412", }, { cve: "CVE-2025-20051", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-20051", }, ], notes: [ { category: "general", text: "Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate input when patching and duplicating a board, which allows a user to read any arbitrary file on the system via duplicating a specially crafted block in Boards.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-20051", url: "https://www.suse.com/security/cve/CVE-2025-20051", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "critical", }, ], title: "CVE-2025-20051", }, { cve: "CVE-2025-22870", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22870", }, ], notes: [ { category: "general", text: "Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to \"*.example.com\", a request to \"[::1%25.example.com]:80` will incorrectly match and not be proxied.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22870", url: "https://www.suse.com/security/cve/CVE-2025-22870", }, { category: "external", summary: "SUSE Bug 1238572 for CVE-2025-22870", url: "https://bugzilla.suse.com/1238572", }, { category: "external", summary: "SUSE Bug 1238611 for CVE-2025-22870", url: "https://bugzilla.suse.com/1238611", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", 
vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-22870", }, { cve: "CVE-2025-22952", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-22952", }, ], notes: [ { category: "general", text: "elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-22952", url: "https://www.suse.com/security/cve/CVE-2025-22952", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "critical", }, ], title: "CVE-2025-22952", }, { cve: "CVE-2025-23387", ids: 
[ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-23387", }, ], notes: [ { category: "general", text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-23387", url: "https://www.suse.com/security/cve/CVE-2025-23387", }, { category: "external", summary: "SUSE Bug 1236656 for CVE-2025-23387", url: "https://bugzilla.suse.com/1236656", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-23387", }, { cve: "CVE-2025-23388", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-23388", }, ], notes: [ { category: "general", text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. 
When the candidate has been publicized, the details for this candidate will be provided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-23388", url: "https://www.suse.com/security/cve/CVE-2025-23388", }, { category: "external", summary: "SUSE Bug 1236668 for CVE-2025-23388", url: "https://bugzilla.suse.com/1236668", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-23388", }, { cve: "CVE-2025-23389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-23389", }, ], notes: [ { category: "general", text: "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. 
When the candidate has been publicized, the details for this candidate will be provided.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-23389", url: "https://www.suse.com/security/cve/CVE-2025-23389", }, { category: "external", summary: "SUSE Bug 1236780 for CVE-2025-23389", url: "https://bugzilla.suse.com/1236780", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-23389", }, { cve: "CVE-2025-24016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-24016", }, ], notes: [ { category: "general", text: "Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are a serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). 
If an attacker manages to inject an unsanitized dictionary in DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-24016", url: "https://www.suse.com/security/cve/CVE-2025-24016", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "critical", }, ], title: "CVE-2025-24016", }, { cve: "CVE-2025-24526", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-24526", }, ], notes: [ { category: "general", text: "Mattermost versions 10.1.x <= 10.1.3, 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to restrict channel export of archived channels when the \"Allow users to view archived channels\" is disabled which allows a user to export channel contents when they shouldn't have access to it", title: "CVE 
description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-24526", url: "https://www.suse.com/security/cve/CVE-2025-24526", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-24526", }, { cve: "CVE-2025-24806", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-24806", }, ], notes: [ { category: "general", text: "Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on (SSO) for applications via a web portal. If users are allowed to sign in via both username and email the regulation system treats these as separate login events. This leads to the regulation limitations being effectively doubled assuming an attacker using brute-force to find a user password. 
It's important to note that due to the effective operation of regulation where no user-facing sign of their regulation ban being visible either via timing or via API responses, it's effectively impossible to determine if a failure occurs due to a bad username password combination, or a effective ban blocking the attempt which heavily mitigates any form of brute-force. This occurs because the records and counting process for this system uses the method utilized for sign in rather than the effective username attribute. This has a minimal impact on account security, this impact is increased naturally in scenarios when there is no two-factor authentication required and weak passwords are used. This makes it a bit easier to brute-force a password. A patch for this issue has been applied to versions 4.38.19, and 4.39.0. Users are advised to upgrade. Users unable to upgrade should 1. Not heavily modify the default settings in a way that ends up with shorter or less frequent regulation bans. The default settings effectively mitigate any potential for this issue to be exploited. and 2. 
Disable the ability for users to login via an email address.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-24806", url: "https://www.suse.com/security/cve/CVE-2025-24806", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "low", }, ], title: "CVE-2025-24806", }, { cve: "CVE-2025-24976", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-24976", }, ], notes: [ { category: "general", text: "Distribution is a toolkit to pack, ship, store, and deliver container content. Systems running registry versions 3.0.0-beta.1 through 3.0.0-rc.2 with token authentication enabled may be vulnerable to an issue in which token authentication allows an attacker to inject an untrusted signing key in a JSON web token (JWT). The issue lies in how the JSON web key (JWK) verification is performed. When a JWT contains a JWK header without a certificate chain, the code only checks if the KeyID (`kid`) matches one of the trusted keys, but doesn't verify that the actual key material matches. 
A fix for the issue is available at commit 5ea9aa028db65ca5665f6af2c20ecf9dc34e5fcd and expected to be a part of version 3.0.0-rc.3. There is no way to work around this issue without patching if the system requires token authentication.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-24976", url: "https://www.suse.com/security/cve/CVE-2025-24976", }, { category: "external", summary: "SUSE Bug 1237074 for CVE-2025-24976", url: "https://bugzilla.suse.com/1237074", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-24976", }, { cve: "CVE-2025-25196", ids: [ { system_name: "SUSE CVE Page", text: 
"https://www.suse.com/security/cve/CVE-2025-25196", }, ], notes: [ { category: "general", text: "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA < v1.8.4 (Helm chart < openfga-0.2.22, docker < v.1.8.4) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users on OpenFGA v1.8.4 or previous, specifically under the following conditions are affected by this authorization bypass vulnerability: 1. Calling Check API or ListObjects with a model that has a relation directly assignable to both public access AND userset with the same type. 2. A type bound public access tuple is assigned to an object. 3. userset tuple is not assigned to the same object. and 4. Check request's user field is a userset that has the same type as the type bound public access tuple's user type. Users are advised to upgrade to v1.8.5 which is backwards compatible. There are no known workarounds for this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-25196", url: "https://www.suse.com/security/cve/CVE-2025-25196", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-25196", }, { cve: "CVE-2025-25199", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-25199", }, ], notes: [ { category: "general", text: "go-crypto-winnative Go crypto backend for Windows using Cryptography API: Next Generation (CNG). Prior to commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41, calls to `cng.TLS1PRF` don't release the key handle, producing a small memory leak every time. Commit f49c8e1379ea4b147d5bff1b3be5b0ff45792e41 contains a fix for the issue. The fix is included in versions 1.23.6-2 and 1.22.12-2 of the Microsoft build of go, as well as in the pseudoversion 0.0.0-20250211154640-f49c8e1379ea of the `github.com/microsoft/go-crypto-winnative` Go package.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-25199", url: "https://www.suse.com/security/cve/CVE-2025-25199", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: 
"CVE-2025-25199", }, { cve: "CVE-2025-25204", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-25204", }, ], notes: [ { category: "general", text: "`gh` is GitHub's official command line tool. Starting in version 2.49.0 and prior to version 2.67.0, under certain conditions, a bug in GitHub's Artifact Attestation cli tool `gh attestation verify` causes it to return a zero exit status when no attestations are present. This behavior is incorrect: When no attestations are present, `gh attestation verify` should return a non-zero exit status code, thereby signaling verification failure. An attacker can abuse this flaw to, for example, deploy malicious artifacts in any system that uses `gh attestation verify`'s exit codes to gatekeep deployments. Users are advised to update `gh` to patched version `v2.67.0` as soon as possible.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-25204", url: "https://www.suse.com/security/cve/CVE-2025-25204", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-25204", }, { cve: 
"CVE-2025-25279", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-25279", }, ], notes: [ { category: "general", text: "Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-25279", url: "https://www.suse.com/security/cve/CVE-2025-25279", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "critical", }, ], title: "CVE-2025-25279", }, { cve: "CVE-2025-25294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-25294", }, ], notes: [ { category: "general", text: "Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. In all Envoy Gateway versions prior to 1.2.7 and 1.3.1 a default Envoy Proxy access log configuration is used. 
This format is vulnerable to log injection attacks. If the attacker uses a specially crafted user-agent which performs json injection, then he could add and overwrite fields to the access log. This vulnerability is fixed in 1.3.1 and 1.2.7. One can overwrite the old text based default format with JSON formatter by modifying the \"EnvoyProxy.spec.telemetry.accessLog\" setting.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-25294", url: "https://www.suse.com/security/cve/CVE-2025-25294", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-25294", }, { cve: "CVE-2025-27088", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27088", }, ], notes: [ { category: "general", text: "oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. 
This can lead to session hijacking or phishing attacks on a trusted domain, posing a moderate risk to all users. It's possible to inject html elements, including scripts through the folder-list template. The affected template allows users to interact with the URL path provided by the `Request.URL.Path` variable, which is then rendered directly into the HTML without proper sanitization or escaping. This can be abused by attackers who craft a malicious URL containing injected HTML or JavaScript. When users visit such a URL, the malicious script will be executed in the user's context. This issue has been addressed in version 4.18.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27088", url: "https://www.suse.com/security/cve/CVE-2025-27088", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-27088", }, { cve: "CVE-2025-27090", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27090", }, ], notes: [ { category: 
"general", text: "Sliver is an open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so. The only impact that has been shown is the exposure of the server's IP address to a third party. This issue has been addressed in version 1.5.43 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27090", url: "https://www.suse.com/security/cve/CVE-2025-27090", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE 
Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-27090", }, { cve: "CVE-2025-27100", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27100", }, ], notes: [ { category: "general", text: "lakeFS is an open-source tool that transforms your object storage into a Git-like repository. In affected versions an authenticated user can crash lakeFS by exhausting server memory. This is an authenticated denial-of-service issue. This problem has been patched in version 1.50.0. Users on versions 1.49.1 and below are affected. Users are advised to upgrade. Users unable to upgrade should either set the environment variable `LAKEFS_BLOCKSTORE_S3_DISABLE_PRE_SIGNED_MULTIPART` to `true` or configure the `disable_pre_signed_multipart` key to true in their config yaml.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27100", url: "https://www.suse.com/security/cve/CVE-2025-27100", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: 
"moderate", }, ], title: "CVE-2025-27100", }, { cve: "CVE-2025-27112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27112", }, ], notes: [ { category: "general", text: "Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in the authentication check process allows an attacker to specify any arbitrary username that does not exist on the system, along with a salted hash of an empty password. Under these conditions, Navidrome treats the request as authenticated, granting access to various Subsonic endpoints without requiring valid credentials. An attacker can use any non-existent username to bypass the authentication system and gain access to various read-only data in Navidrome, such as user playlists. However, any attempt to modify data fails with a \"permission denied\" error due to insufficient permissions, limiting the impact to unauthorized viewing of information. 
Version 0.54.5 contains a patch for this issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27112", url: "https://www.suse.com/security/cve/CVE-2025-27112", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-27112", }, { cve: "CVE-2025-27144", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27144", }, ], notes: [ { category: "general", text: "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) 
standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27144", url: "https://www.suse.com/security/cve/CVE-2025-27144", }, { category: "external", summary: "SUSE Bug 1237608 for CVE-2025-27144", url: "https://bugzilla.suse.com/1237608", }, { category: "external", summary: "SUSE Bug 1237609 for CVE-2025-27144", url: "https://bugzilla.suse.com/1237609", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, 
products: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-27144", }, { cve: "CVE-2025-27155", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27155", }, ], notes: [ { category: "general", text: "Pinecone is an experimental overlay routing protocol suite which is the foundation of the current P2P Matrix demos. The Pinecone Simulator (pineconesim) included in Pinecone up to commit ea4c337 is vulnerable to stored cross-site scripting. The payload storage is not permanent and will be wiped when restarting pineconesim.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27155", url: "https://www.suse.com/security/cve/CVE-2025-27155", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: 
"moderate", }, ], title: "CVE-2025-27155", }, { cve: "CVE-2025-27414", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27414", }, ], notes: [ { category: "general", text: "MinIO is a high performance object storage. Starting in RELEASE.2024-06-06T09-36-42Z and prior to \nRELEASE.2025-02-28T09-55-16Z, a bug in evaluating the trust of the SSH key used in an SFTP connection to MinIO allows authentication bypass and unauthorized data access. On a MinIO server with SFTP access configured and using LDAP as an external identity provider, MinIO supports SSH key based authentication for SFTP connections when the user has the `sshPublicKey` attribute set in their LDAP server. The server trusts the client's key only when the public key is the same as the `sshPublicKey` attribute. Due to the bug, when the user has no `sshPublicKey` property in LDAP, the server ends up trusting the key allowing the client to perform any FTP operations allowed by the MinIO access policies associated with the LDAP user (or any of their groups). Three requirements must be met in order to exploit the vulnerability. First, the MinIO server must be configured to allow SFTP access and use LDAP as an external identity provider. Second, the attacker must have knowledge of an LDAP username that does not have the `sshPublicKey` property set. Third, such an LDAP username or one of their groups must also have some MinIO access policy configured. When this bug is successfully exploited, the attacker can perform any FTP operations (i.e. reading, writing, deleting and listing objects) allowed by the access policy associated with the LDAP user account (and their groups). 
Version 1.2.0 fixes the issue.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27414", url: "https://www.suse.com/security/cve/CVE-2025-27414", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "moderate", }, ], title: "CVE-2025-27414", }, { cve: "CVE-2025-27421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27421", }, ], notes: [ { category: "general", text: "Abacus is a highly scalable and stateless counting API. A critical goroutine leak vulnerability has been identified in the Abacus server's Server-Sent Events (SSE) implementation. The issue occurs when clients disconnect from the /stream endpoint, as the server fails to properly clean up resources and terminate associated goroutines. This leads to resource exhaustion where the server continues running but eventually stops accepting new SSE connections while maintaining high memory usage. The vulnerability specifically involves improper channel cleanup in the event handling mechanism, causing goroutines to remain blocked indefinitely. 
This vulnerability is fixed in 1.4.0.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27421", url: "https://www.suse.com/security/cve/CVE-2025-27421", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-27421", }, { cve: "CVE-2025-27507", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27507", }, ], notes: [ { category: "general", text: "The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. ZITADEL's Admin API contains Insecure Direct Object Reference (IDOR) vulnerabilities that allow authenticated users, without specific IAM roles, to modify sensitive settings. While several endpoints are affected, the most critical vulnerability lies in the ability to manipulate LDAP configurations. Customers who do not utilize LDAP for authentication are not at risk from the most severe aspects of this vulnerability. However, upgrading to the patched version to address all identified issues is strongly recommended. 
This vulnerability is fixed in 2.71.0, 2.70.1, ,2.69.4, 2.68.4, 2.67.8, 2.66.11, 2.65.6, 2.64.5, and 2.63.8.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27507", url: "https://www.suse.com/security/cve/CVE-2025-27507", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "important", }, ], title: "CVE-2025-27507", }, { cve: "CVE-2025-27509", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2025-27509", }, ], notes: [ { category: "general", text: "fleetdm/fleet is an open source device management, built on osquery. In vulnerable versions of Fleet, an attacker could craft a specially-formed SAML response to forge authentication assertions, provision a new administrative user account if Just-In-Time (JIT) provisioning is enabled, or create new accounts tied to forged assertions if f MDM enrollment is enabled. 
This vulnerability is fixed in 4.64.2, 4.63.2, 4.62.4, and 4.58.1.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2025-27509", url: "https://www.suse.com/security/cve/CVE-2025-27509", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.aarch64", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.ppc64le", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.s390x", "openSUSE Tumbleweed:govulncheck-vulndb-0.0.20250312T181707-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2025-03-13T00:00:00Z", details: "critical", }, ], title: "CVE-2025-27509", }, ], }
fkie_cve-2025-23389
Vulnerability from fkie_nvd
{ cveTags: [], descriptions: [ { lang: "en", value: "A Improper Access Control vulnerability in SUSE rancher allows a local user to impersonate other identities through SAML Authentication on first login.\nThis issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3.", }, { lang: "es", value: "Una vulnerabilidad de control de acceso inadecuado en SUSE Rancher permite a un usuario local suplantar otras identidades mediante la autenticación SAML en el primer inicio de sesión. Este problema afecta a Rancher: desde la versión 2.8.0 hasta la 2.8.13, desde la versión 2.9.0 hasta la 2.9.7, y desde la versión 2.10.0 hasta la 2.10.3.", }, ], id: "CVE-2025-23389", lastModified: "2025-04-11T15:39:52.920", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 6, source: "meissner@suse.de", type: "Secondary", }, ], }, published: "2025-04-11T11:15:42.620", references: [ { source: "meissner@suse.de", url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389", }, { source: "meissner@suse.de", url: "https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4", }, ], sourceIdentifier: "meissner@suse.de", vulnStatus: "Awaiting Analysis", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "meissner@suse.de", type: "Primary", }, ], }
ghsa-mq23-vvg7-xfm4
Vulnerability from github
Impact
A vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login.
The issue occurs when a SAML authentication provider (AP) is configured (e.g. Keycloak). A newly created AP user can impersonate any user on Rancher by manipulating cookie values during their initial login to Rancher. This vulnerability could also be exploited if a Rancher user (present on the AP) is removed, either manually or automatically via the User Retention feature with delete-inactive-user-after.
More precisely, Rancher validates only a subset of input from the SAML assertion request; however, it trusts and uses values that are not properly validated. An attacker could then configure the saml_Rancher_UserID cookie and the saml_Rancher_Action cookie so that the user principal from the AP will be added to the user specified by the attacker (from saml_Rancher_UserID). Rancher can then be deceived by setting saml_Rancher_UserID to the admin's user ID and saml_Rancher_Action to testAndEnable, thereby executing the vulnerable code path and leading to privilege escalation.
Note that the vulnerability impacts all SAML APs available in Rancher. However, the following Rancher deployments are not affected:
1. Rancher deployments not using a SAML-based AP.
2. Rancher deployments using a SAML-based AP where all SAML users are already signed in and linked to a Rancher account.
Please consult the associated MITRE ATT&CK - Technique - Access Token Manipulation: Token Impersonation/Theft for further information about this category of attack.
Patches
This vulnerability is addressed by adding the UserID claim to a JWT signed token, which is protected against tampering.
Patched versions include releases v2.8.13, v2.9.7 and v2.10.3.
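To make the fix described under Patches concrete, here is an added Go example written for this page; it is not Rancher's code, and apart from the cookie names saml_Rancher_UserID and saml_Rancher_Action (taken from the advisory) every name in it (loginState, issueLoginState, verifyLoginState, the constructed secret) is an assumption. It contrasts the weak pattern, in which the server reads the user ID to bind the SAML principal to straight from a client-controlled cookie, with the hardened pattern, in which the user ID and action travel as claims inside an HMAC-SHA256 signed, expiring token, so a changed claim is rejected before any binding happens.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// loginState carries what the SAML login flow needs across the round trip to the
// identity provider. In the vulnerable pattern these values lived in the
// saml_Rancher_UserID and saml_Rancher_Action cookies; here they are claims in a
// signed token (names and layout are assumptions for this example).
type loginState struct {
	UserID string `json:"uid"`
	Action string `json:"act"`
	Exp    int64  `json:"exp"`
}

var errBadToken = errors.New("login state token rejected")

// unsignedCookieUserID models the pre-fix pattern: the binding target is
// whatever the client placed in the cookie, with no integrity check at all.
func unsignedCookieUserID(cookieValue string) string { return cookieValue }

// sign computes base64url(HMAC-SHA256(secret, msg)); the secret never leaves the server.
func sign(secret []byte, msg string) string {
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(msg))
	return base64.RawURLEncoding.EncodeToString(mac.Sum(nil))
}

// issueLoginState returns a compact "payload.signature" token whose claims
// cannot be altered without the server-side secret.
func issueLoginState(secret []byte, userID, action string, ttl time.Duration, now time.Time) (string, error) {
	payload, err := json.Marshal(loginState{UserID: userID, Action: action, Exp: now.Add(ttl).Unix()})
	if err != nil {
		return "", err
	}
	enc := base64.RawURLEncoding.EncodeToString(payload)
	return enc + "." + sign(secret, enc), nil
}

// verifyLoginState yields the claims only if the signature matches (constant-time
// compare) and the token has not expired. SplitN with a bound of 2 keeps the
// work fixed no matter how many '.' characters the input contains.
func verifyLoginState(secret []byte, token string, now time.Time) (loginState, error) {
	var st loginState
	parts := strings.SplitN(token, ".", 2)
	if len(parts) != 2 {
		return st, errBadToken
	}
	if !hmac.Equal([]byte(sign(secret, parts[0])), []byte(parts[1])) {
		return st, errBadToken
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return st, errBadToken
	}
	if err := json.Unmarshal(raw, &st); err != nil {
		return st, errBadToken
	}
	if now.Unix() >= st.Exp {
		return st, errBadToken
	}
	return st, nil
}

// tamperUserID rewrites the uid claim while keeping the old signature. It exists
// only so a test can confirm that verifyLoginState rejects a modified claim.
func tamperUserID(token, newUserID string) string {
	parts := strings.SplitN(token, ".", 2)
	if len(parts) != 2 {
		return token
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return token
	}
	var st loginState
	if json.Unmarshal(raw, &st) != nil {
		return token
	}
	st.UserID = newUserID
	mod, _ := json.Marshal(st)
	return base64.RawURLEncoding.EncodeToString(mod) + "." + parts[1]
}

func main() {
	secret := make([]byte, 32) // constructed per-process secret for the demo
	if _, err := rand.Read(secret); err != nil {
		panic(err)
	}
	now := time.Now()
	tok, _ := issueLoginState(secret, "u-12345", "testAndEnable", 5*time.Minute, now)
	st, err := verifyLoginState(secret, tok, now)
	fmt.Println("signed token accepted:", err == nil, "uid:", st.UserID)
	_, err = verifyLoginState(secret, tamperUserID(tok, "u-admin"), now)
	fmt.Println("modified uid rejected:", err != nil)
	fmt.Println("unsigned cookie would bind to:", unsignedCookieUserID("u-admin"))
}
```

The point of the contrast is where the decision comes from: with the cookie, the server trusts a value it never proved it issued; with the token, every field that drives the binding is covered by the signature and the expiry, so the same request with a changed uid fails closed.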
Workarounds
Rancher deployments that can't upgrade could temporarily disable the SAML-based AP as a workaround. However, upgrading is recommended.
References
If you have any questions or comments about this advisory:
- Reach out to the SUSE Rancher Security team for security related inquiries.
- Open an issue in the Rancher repository.
- Verify with our support matrix and product support lifecycle.
{ affected: [ { package: { ecosystem: "Go", name: "github.com/rancher/rancher", }, ranges: [ { events: [ { introduced: "2.8.0", }, { fixed: "2.8.13", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Go", name: "github.com/rancher/rancher", }, ranges: [ { events: [ { introduced: "2.9.0", }, { fixed: "2.9.7", }, ], type: "ECOSYSTEM", }, ], }, { package: { ecosystem: "Go", name: "github.com/rancher/rancher", }, ranges: [ { events: [ { introduced: "2.10.0", }, { fixed: "2.10.3", }, ], type: "ECOSYSTEM", }, ], }, ], aliases: [ "CVE-2025-23389", ], database_specific: { cwe_ids: [ "CWE-284", "CWE-287", ], github_reviewed: true, github_reviewed_at: "2025-02-27T18:27:56Z", nvd_published_at: "2025-04-11T11:15:42Z", severity: "HIGH", }, details: "### Impact\nA vulnerability in Rancher has been discovered, leading to a local user impersonation through SAML Authentication on first login.\n\nThe issue occurs when a SAML authentication provider (AP) is configured (e.g. Keycloak). A newly created AP user can impersonate any user on Rancher by manipulating cookie values during their initial login to Rancher. This vulnerability could also be exploited if a Rancher user (present on the AP) is removed, either manually or automatically via the [User Retention feature](https://ranchermanager.docs.rancher.com/how-to-guides/advanced-user-guides/enable-user-retention) with delete-inactive-user-after.\n\nMore precisely, Rancher validates only a subset of input from the SAML assertion request; however, it trusts and uses values that are not properly validated. An attacker could then configure the saml_Rancher_UserID cookie and the saml_Rancher_Action cookie so that the user principal from the AP will be added to the user specified by the attacker (from saml_Rancher_UserID). 
Rancher can then be deceived by setting saml_Rancher_UserID to the admin's user ID and saml_Rancher_Action to testAndEnable, thereby executing the vulnerable code path and leading to privilege escalation.\n\nNote that the vulnerability impacts all SAML APs available in Rancher. However the following Rancher deployments are not affected:\n1. Rancher deployments not using SAML-based AP.\n2. Rancher deployments using SAML-based AP, where all SAML users are already signed in and linked to a Rancher account.\n\nPlease consult the associated [MITRE ATT&CK - Technique - Access Token Manipulation: Token Impersonation/Theft](https://attack.mitre.org/techniques/T1134/001/) for further information about this category of attack.\n\n### Patches\nThis vulnerability is addressed by adding the UserID claim to a JWT signed token, which is protected against tampering. \n\nPatched versions include releases `v2.8.13`, `v2.9.7` and `v2.10.3`.\n\n### Workarounds\nRancher deployments that can't upgrade, could temporarily disable the SAML-based AP as a temporary workaround. 
However, upgrading is recommended.\n\n### References\nIf you have any questions or comments about this advisory:\n- Reach out to the [SUSE Rancher Security team](https://github.com/rancher/rancher/security/policy) for security related inquiries.\n- Open an issue in the [Rancher](https://github.com/rancher/rancher/issues/new/choose) repository.\n- Verify with our [support matrix](https://www.suse.com/suse-rancher/support-matrix/all-supported-versions/) and [product support lifecycle](https://www.suse.com/lifecycle/).", id: "GHSA-mq23-vvg7-xfm4", modified: "2025-04-11T23:13:40Z", published: "2025-02-27T18:27:56Z", references: [ { type: "WEB", url: "https://github.com/rancher/rancher/security/advisories/GHSA-mq23-vvg7-xfm4", }, { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2025-23389", }, { type: "WEB", url: "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23389", }, { type: "PACKAGE", url: "https://github.com/rancher/rancher", }, { type: "WEB", url: "https://pkg.go.dev/vuln/GO-2025-3490", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L", type: "CVSS_V3", }, ], summary: "Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login", }