Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-59375 (GCVE-0-2025-59375)
Vulnerability from cvelistv5 – Published: 2025-09-15 00:00 – Updated: 2025-11-04 21:13
VLAI?
EPSS
Summary
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Severity ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| libexpat project | libexpat |
Affected:
0 , < 2.7.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-15T20:22:58.509715Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-15T20:23:08.737Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T21:13:49.823Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/09/16/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "libexpat",
"vendor": "libexpat project",
"versions": [
{
"lessThan": "2.7.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:21:47.961Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"url": "https://issues.oss-fuzz.com/issues/439133977"
},
{
"url": "https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-59375",
"datePublished": "2025-09-15T00:00:00.000Z",
"dateReserved": "2025-09-15T00:00:00.000Z",
"dateUpdated": "2025-11-04T21:13:49.823Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-59375\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-09-15T03:15:40.920\",\"lastModified\":\"2025-11-04T22:16:34.927\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.2\",\"matchCriteriaId\":\"2562E072-C9E9-432C-9545-404F89D73E00\"}]}]}],\"references\":[{\"url\":\"https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/libexpat/libexpat/issues/1018\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"https://github.com/libexpat/libexpat/pull/1034\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://issues.oss-fuzz.com/issues/439133977\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/09/16/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/09/16/2\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T21:13:49.823Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59375\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-15T20:22:58.509715Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-15T20:23:05.396Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C\"}}], \"affected\": [{\"vendor\": \"libexpat project\", \"product\": \"libexpat\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.7.2\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/libexpat/libexpat/issues/1018\"}, {\"url\": \"https://github.com/libexpat/libexpat/pull/1034\"}, {\"url\": \"https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74\"}, {\"url\": \"https://issues.oss-fuzz.com/issues/439133977\"}, {\"url\": \"https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes\"}], \"x_generator\": {\"engine\": \"enrichogram 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770 Allocation of Resources Without Limits or Throttling\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.7.2\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-09-17T13:21:47.961Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-59375\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-04T21:13:49.823Z\", \"dateReserved\": \"2025-09-15T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-09-15T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2025:03508-1
Vulnerability from csaf_suse - Published: 2025-10-09 08:33 - Updated: 2025-10-09 08:33Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
Patchnames
SUSE-2025-3508,SUSE-SLE-Module-Basesystem-15-SP7-2025-3508
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations\n by submitting crafted XML input (bsc#1249584).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3508,SUSE-SLE-Module-Basesystem-15-SP7-2025-3508",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03508-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03508-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503508-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03508-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042051.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-10-09T08:33:00Z",
"generator": {
"date": "2025-10-09T08:33:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03508-1",
"initial_release_date": "2025-10-09T08:33:00Z",
"revision_history": [
{
"date": "2025-10-09T08:33:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150700.3.6.1.aarch64",
"product": {
"name": "expat-2.7.1-150700.3.6.1.aarch64",
"product_id": "expat-2.7.1-150700.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150700.3.6.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.aarch64",
"product_id": "libexpat-devel-2.7.1-150700.3.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150700.3.6.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-150700.3.6.1.aarch64",
"product_id": "libexpat1-2.7.1-150700.3.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat-devel-64bit-2.7.1-150700.3.6.1.aarch64_ilp32",
"product": {
"name": "libexpat-devel-64bit-2.7.1-150700.3.6.1.aarch64_ilp32",
"product_id": "libexpat-devel-64bit-2.7.1-150700.3.6.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libexpat1-64bit-2.7.1-150700.3.6.1.aarch64_ilp32",
"product": {
"name": "libexpat1-64bit-2.7.1-150700.3.6.1.aarch64_ilp32",
"product_id": "libexpat1-64bit-2.7.1-150700.3.6.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150700.3.6.1.i586",
"product": {
"name": "expat-2.7.1-150700.3.6.1.i586",
"product_id": "expat-2.7.1-150700.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150700.3.6.1.i586",
"product": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.i586",
"product_id": "libexpat-devel-2.7.1-150700.3.6.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150700.3.6.1.i586",
"product": {
"name": "libexpat1-2.7.1-150700.3.6.1.i586",
"product_id": "libexpat1-2.7.1-150700.3.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150700.3.6.1.ppc64le",
"product": {
"name": "expat-2.7.1-150700.3.6.1.ppc64le",
"product_id": "expat-2.7.1-150700.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150700.3.6.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.ppc64le",
"product_id": "libexpat-devel-2.7.1-150700.3.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150700.3.6.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-150700.3.6.1.ppc64le",
"product_id": "libexpat1-2.7.1-150700.3.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150700.3.6.1.s390x",
"product": {
"name": "expat-2.7.1-150700.3.6.1.s390x",
"product_id": "expat-2.7.1-150700.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150700.3.6.1.s390x",
"product": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.s390x",
"product_id": "libexpat-devel-2.7.1-150700.3.6.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150700.3.6.1.s390x",
"product": {
"name": "libexpat1-2.7.1-150700.3.6.1.s390x",
"product_id": "libexpat1-2.7.1-150700.3.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150700.3.6.1.x86_64",
"product": {
"name": "expat-2.7.1-150700.3.6.1.x86_64",
"product_id": "expat-2.7.1-150700.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150700.3.6.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.x86_64",
"product_id": "libexpat-devel-2.7.1-150700.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.1-150700.3.6.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.7.1-150700.3.6.1.x86_64",
"product_id": "libexpat-devel-32bit-2.7.1-150700.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150700.3.6.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-150700.3.6.1.x86_64",
"product_id": "libexpat1-2.7.1-150700.3.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.1-150700.3.6.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.7.1-150700.3.6.1.x86_64",
"product_id": "libexpat1-32bit-2.7.1-150700.3.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150700.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.aarch64"
},
"product_reference": "expat-2.7.1-150700.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150700.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.ppc64le"
},
"product_reference": "expat-2.7.1-150700.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150700.3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.s390x"
},
"product_reference": "expat-2.7.1-150700.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150700.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.x86_64"
},
"product_reference": "expat-2.7.1-150700.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150700.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150700.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150700.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150700.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150700.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150700.3.6.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150700.3.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150700.3.6.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150700.3.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150700.3.6.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150700.3.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150700.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150700.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150700.3.6.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-32bit-2.7.1-150700.3.6.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150700.3.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-32bit-2.7.1-150700.3.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-32bit-2.7.1-150700.3.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:expat-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat-devel-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-2.7.1-150700.3.6.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:libexpat1-32bit-2.7.1-150700.3.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-09T08:33:00Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:21028-1
Vulnerability from csaf_suse - Published: 2025-11-19 09:39 - Updated: 2025-11-19 09:39Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)
Patchnames
SUSE-SL-Micro-6.2-29
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-29",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21028-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21028-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521028-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21028-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023405.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-11-19T09:39:18Z",
"generator": {
"date": "2025-11-19T09:39:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21028-1",
"initial_release_date": "2025-11-19T09:39:18Z",
"revision_history": [
{
"date": "2025-11-19T09:39:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64",
"product_id": "libexpat1-2.7.1-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le",
"product_id": "libexpat1-2.7.1-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.s390x",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.s390x",
"product_id": "libexpat1-2.7.1-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64",
"product_id": "libexpat1-2.7.1-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Micro 6.2:libexpat1-2.7.1-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-19T09:39:18Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:03536-1
Vulnerability from csaf_suse - Published: 2025-10-10 15:20 - Updated: 2025-10-10 15:20Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
Patchnames
SUSE-2025-3536,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3536,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3536
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations\n by submitting crafted XML input (bsc#1249584).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3536,SUSE-SLE-SERVER-12-SP5-LTSS-2025-3536,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-3536",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03536-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03536-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503536-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03536-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042068.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-10-10T15:20:27Z",
"generator": {
"date": "2025-10-10T15:20:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03536-1",
"initial_release_date": "2025-10-10T15:20:27Z",
"revision_history": [
{
"date": "2025-10-10T15:20:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-21.46.1.aarch64",
"product": {
"name": "expat-2.7.1-21.46.1.aarch64",
"product_id": "expat-2.7.1-21.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-21.46.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.1-21.46.1.aarch64",
"product_id": "libexpat-devel-2.7.1-21.46.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-21.46.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-21.46.1.aarch64",
"product_id": "libexpat1-2.7.1-21.46.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat-devel-64bit-2.7.1-21.46.1.aarch64_ilp32",
"product": {
"name": "libexpat-devel-64bit-2.7.1-21.46.1.aarch64_ilp32",
"product_id": "libexpat-devel-64bit-2.7.1-21.46.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libexpat1-64bit-2.7.1-21.46.1.aarch64_ilp32",
"product": {
"name": "libexpat1-64bit-2.7.1-21.46.1.aarch64_ilp32",
"product_id": "libexpat1-64bit-2.7.1-21.46.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-21.46.1.i586",
"product": {
"name": "expat-2.7.1-21.46.1.i586",
"product_id": "expat-2.7.1-21.46.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-21.46.1.i586",
"product": {
"name": "libexpat-devel-2.7.1-21.46.1.i586",
"product_id": "libexpat-devel-2.7.1-21.46.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-21.46.1.i586",
"product": {
"name": "libexpat1-2.7.1-21.46.1.i586",
"product_id": "libexpat1-2.7.1-21.46.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-21.46.1.ppc64le",
"product": {
"name": "expat-2.7.1-21.46.1.ppc64le",
"product_id": "expat-2.7.1-21.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-21.46.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.1-21.46.1.ppc64le",
"product_id": "libexpat-devel-2.7.1-21.46.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-21.46.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-21.46.1.ppc64le",
"product_id": "libexpat1-2.7.1-21.46.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-21.46.1.s390",
"product": {
"name": "expat-2.7.1-21.46.1.s390",
"product_id": "expat-2.7.1-21.46.1.s390"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-21.46.1.s390",
"product": {
"name": "libexpat-devel-2.7.1-21.46.1.s390",
"product_id": "libexpat-devel-2.7.1-21.46.1.s390"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-21.46.1.s390",
"product": {
"name": "libexpat1-2.7.1-21.46.1.s390",
"product_id": "libexpat1-2.7.1-21.46.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-21.46.1.s390x",
"product": {
"name": "expat-2.7.1-21.46.1.s390x",
"product_id": "expat-2.7.1-21.46.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-21.46.1.s390x",
"product": {
"name": "libexpat-devel-2.7.1-21.46.1.s390x",
"product_id": "libexpat-devel-2.7.1-21.46.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.1-21.46.1.s390x",
"product": {
"name": "libexpat-devel-32bit-2.7.1-21.46.1.s390x",
"product_id": "libexpat-devel-32bit-2.7.1-21.46.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-21.46.1.s390x",
"product": {
"name": "libexpat1-2.7.1-21.46.1.s390x",
"product_id": "libexpat1-2.7.1-21.46.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.1-21.46.1.s390x",
"product": {
"name": "libexpat1-32bit-2.7.1-21.46.1.s390x",
"product_id": "libexpat1-32bit-2.7.1-21.46.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-21.46.1.x86_64",
"product": {
"name": "expat-2.7.1-21.46.1.x86_64",
"product_id": "expat-2.7.1-21.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-21.46.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.1-21.46.1.x86_64",
"product_id": "libexpat-devel-2.7.1-21.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.1-21.46.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.7.1-21.46.1.x86_64",
"product_id": "libexpat-devel-32bit-2.7.1-21.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-21.46.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-21.46.1.x86_64",
"product_id": "libexpat1-2.7.1-21.46.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.1-21.46.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.7.1-21.46.1.x86_64",
"product_id": "libexpat1-32bit-2.7.1-21.46.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-21.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.aarch64"
},
"product_reference": "expat-2.7.1-21.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-21.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.ppc64le"
},
"product_reference": "expat-2.7.1-21.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-21.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.s390x"
},
"product_reference": "expat-2.7.1-21.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.x86_64"
},
"product_reference": "expat-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-21.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-21.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-21.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-21.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-21.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-21.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-21.46.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-21.46.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-21.46.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-21.46.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-21.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.s390x"
},
"product_reference": "libexpat1-2.7.1-21.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-21.46.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.s390x"
},
"product_reference": "libexpat1-32bit-2.7.1-21.46.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:expat-2.7.1-21.46.1.x86_64"
},
"product_reference": "expat-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat-devel-2.7.1-21.46.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-2.7.1-21.46.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-21.46.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-32bit-2.7.1-21.46.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-21.46.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:expat-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat-devel-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-32bit-2.7.1-21.46.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:expat-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat-devel-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-32bit-2.7.1-21.46.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:expat-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat-devel-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:libexpat1-32bit-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:expat-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat-devel-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-2.7.1-21.46.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:libexpat1-32bit-2.7.1-21.46.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-10T15:20:27Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:20868-1
Vulnerability from csaf_suse - Published: 2025-10-22 12:00 - Updated: 2025-10-22 12:00Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
Patchnames
SUSE-SLE-Micro-6.0-500
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations\n by submitting crafted XML input (bsc#1249584).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-500",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20868-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20868-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520868-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20868-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023062.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-10-22T12:00:46Z",
"generator": {
"date": "2025-10-22T12:00:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20868-1",
"initial_release_date": "2025-10-22T12:00:46Z",
"revision_history": [
{
"date": "2025-10-22T12:00:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-3.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-3.1.aarch64",
"product_id": "libexpat1-2.7.1-3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-3.1.s390x",
"product": {
"name": "libexpat1-2.7.1-3.1.s390x",
"product_id": "libexpat1-2.7.1-3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-3.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-3.1.x86_64",
"product_id": "libexpat1-2.7.1-3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-3.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-3.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.s390x"
},
"product_reference": "libexpat1-2.7.1-3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-3.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.aarch64",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.s390x",
"SUSE Linux Micro 6.0:libexpat1-2.7.1-3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-22T12:00:46Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:21006-1
Vulnerability from csaf_suse - Published: 2025-11-19 09:39 - Updated: 2025-11-19 09:39Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)
Patchnames
SUSE-SLES-16.0-29
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-29",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_21006-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:21006-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202521006-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:21006-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023385.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-11-19T09:39:18Z",
"generator": {
"date": "2025-11-19T09:39:18Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:21006-1",
"initial_release_date": "2025-11-19T09:39:18Z",
"revision_history": [
{
"date": "2025-11-19T09:39:18Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.aarch64",
"product": {
"name": "expat-2.7.1-160000.3.1.aarch64",
"product_id": "expat-2.7.1-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"product_id": "libexpat-devel-2.7.1-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64",
"product_id": "libexpat1-2.7.1-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "expat-2.7.1-160000.3.1.ppc64le",
"product_id": "expat-2.7.1-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"product_id": "libexpat-devel-2.7.1-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le",
"product_id": "libexpat1-2.7.1-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.s390x",
"product": {
"name": "expat-2.7.1-160000.3.1.s390x",
"product_id": "expat-2.7.1-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.s390x",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.s390x",
"product_id": "libexpat-devel-2.7.1-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.s390x",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.s390x",
"product_id": "libexpat1-2.7.1-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.x86_64",
"product": {
"name": "expat-2.7.1-160000.3.1.x86_64",
"product_id": "expat-2.7.1-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"product_id": "libexpat-devel-2.7.1-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64",
"product_id": "libexpat1-2.7.1-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.aarch64"
},
"product_reference": "expat-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "expat-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.s390x"
},
"product_reference": "expat-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.x86_64"
},
"product_reference": "expat-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.aarch64"
},
"product_reference": "expat-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "expat-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.s390x"
},
"product_reference": "expat-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.x86_64"
},
"product_reference": "expat-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:expat-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:libexpat1-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:expat-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-19T09:39:18Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:03624-1
Vulnerability from csaf_suse - Published: 2025-10-16 19:59 - Updated: 2025-10-16 19:59Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
Patchnames
SUSE-2025-3624,SUSE-SLE-Micro-5.3-2025-3624,SUSE-SLE-Micro-5.4-2025-3624,SUSE-SLE-Micro-5.5-2025-3624,SUSE-SLE-Module-Basesystem-15-SP6-2025-3624,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3624,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3624,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3624,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3624,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3624,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3624,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3624,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3624,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3624,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3624,openSUSE-SLE-15.6-2025-3624
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations\n by submitting crafted XML input (bsc#1249584).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3624,SUSE-SLE-Micro-5.3-2025-3624,SUSE-SLE-Micro-5.4-2025-3624,SUSE-SLE-Micro-5.5-2025-3624,SUSE-SLE-Module-Basesystem-15-SP6-2025-3624,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-3624,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-3624,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-3624,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-3624,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-3624,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-3624,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-3624,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-3624,SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-3624,SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-3624,openSUSE-SLE-15.6-2025-3624",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03624-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03624-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503624-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03624-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042190.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-10-16T19:59:29Z",
"generator": {
"date": "2025-10-16T19:59:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03624-1",
"initial_release_date": "2025-10-16T19:59:29Z",
"revision_history": [
{
"date": "2025-10-16T19:59:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150400.3.31.1.aarch64",
"product": {
"name": "expat-2.7.1-150400.3.31.1.aarch64",
"product_id": "expat-2.7.1-150400.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"product_id": "libexpat-devel-2.7.1-150400.3.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"product_id": "libexpat1-2.7.1-150400.3.31.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat-devel-64bit-2.7.1-150400.3.31.1.aarch64_ilp32",
"product": {
"name": "libexpat-devel-64bit-2.7.1-150400.3.31.1.aarch64_ilp32",
"product_id": "libexpat-devel-64bit-2.7.1-150400.3.31.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libexpat1-64bit-2.7.1-150400.3.31.1.aarch64_ilp32",
"product": {
"name": "libexpat1-64bit-2.7.1-150400.3.31.1.aarch64_ilp32",
"product_id": "libexpat1-64bit-2.7.1-150400.3.31.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150400.3.31.1.i586",
"product": {
"name": "expat-2.7.1-150400.3.31.1.i586",
"product_id": "expat-2.7.1-150400.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150400.3.31.1.i586",
"product": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.i586",
"product_id": "libexpat-devel-2.7.1-150400.3.31.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150400.3.31.1.i586",
"product": {
"name": "libexpat1-2.7.1-150400.3.31.1.i586",
"product_id": "libexpat1-2.7.1-150400.3.31.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150400.3.31.1.ppc64le",
"product": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le",
"product_id": "expat-2.7.1-150400.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"product_id": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"product_id": "libexpat1-2.7.1-150400.3.31.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150400.3.31.1.s390x",
"product": {
"name": "expat-2.7.1-150400.3.31.1.s390x",
"product_id": "expat-2.7.1-150400.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"product": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"product_id": "libexpat-devel-2.7.1-150400.3.31.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150400.3.31.1.s390x",
"product": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x",
"product_id": "libexpat1-2.7.1-150400.3.31.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150400.3.31.1.x86_64",
"product": {
"name": "expat-2.7.1-150400.3.31.1.x86_64",
"product_id": "expat-2.7.1-150400.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"product_id": "libexpat-devel-2.7.1-150400.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64",
"product_id": "libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"product_id": "libexpat1-2.7.1-150400.3.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"product_id": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy LTS 4.3",
"product": {
"name": "SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server LTS 4.3",
"product": {
"name": "SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server-lts:4.3"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "expat-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "expat-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "expat-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Proxy LTS 4.3",
"product_id": "SUSE Manager Proxy LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.s390x as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "expat-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of SUSE Manager Server LTS 4.3",
"product_id": "SUSE Manager Server LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server LTS 4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "expat-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "expat-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150400.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "expat-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150400.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150400.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.4:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Micro 5.5:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Proxy LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:expat-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.s390x",
"SUSE Manager Server LTS 4.3:libexpat1-2.7.1-150400.3.31.1.x86_64",
"SUSE Manager Server LTS 4.3:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:expat-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:libexpat-devel-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat-devel-32bit-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.aarch64",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.ppc64le",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.s390x",
"openSUSE Leap 15.6:libexpat1-2.7.1-150400.3.31.1.x86_64",
"openSUSE Leap 15.6:libexpat1-32bit-2.7.1-150400.3.31.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-16T19:59:29Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:20895-1
Vulnerability from csaf_suse - Published: 2025-10-22 12:11 - Updated: 2025-10-22 12:11Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
Patchnames
SUSE-SLE-Micro-6.1-315
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations\n by submitting crafted XML input (bsc#1249584).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-315",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20895-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20895-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520895-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20895-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023119.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-10-22T12:11:31Z",
"generator": {
"date": "2025-10-22T12:11:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20895-1",
"initial_release_date": "2025-10-22T12:11:31Z",
"revision_history": [
{
"date": "2025-10-22T12:11:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_3.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.aarch64",
"product_id": "libexpat1-2.7.1-slfo.1.1_3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_3.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.ppc64le",
"product_id": "libexpat1-2.7.1-slfo.1.1_3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_3.1.s390x",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.s390x",
"product_id": "libexpat1-2.7.1-slfo.1.1_3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat1-2.7.1-slfo.1.1_3.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.x86_64",
"product_id": "libexpat1-2.7.1-slfo.1.1_3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.s390x"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-slfo.1.1_3.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-slfo.1.1_3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.aarch64",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.ppc64le",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.s390x",
"SUSE Linux Micro 6.1:libexpat1-2.7.1-slfo.1.1_3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-22T12:11:31Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
SUSE-SU-2025:03537-1
Vulnerability from csaf_suse - Published: 2025-10-10 15:21 - Updated: 2025-10-10 15:21Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations
by submitting crafted XML input (bsc#1249584).
Patchnames
SUSE-2025-3537,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3537,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3537,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3537,SUSE-SUSE-MicroOS-5.1-2025-3537,SUSE-SUSE-MicroOS-5.2-2025-3537,SUSE-Storage-7.1-2025-3537
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: memory amplification vulnerability allows attackers to trigger excessive dynamic memory allocations\n by submitting crafted XML input (bsc#1249584).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3537,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-3537,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-3537,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-3537,SUSE-SUSE-MicroOS-5.1-2025-3537,SUSE-SUSE-MicroOS-5.2-2025-3537,SUSE-Storage-7.1-2025-3537",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03537-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03537-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503537-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03537-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042069.html"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-10-10T15:21:54Z",
"generator": {
"date": "2025-10-10T15:21:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03537-1",
"initial_release_date": "2025-10-10T15:21:54Z",
"revision_history": [
{
"date": "2025-10-10T15:21:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150000.3.39.1.aarch64",
"product": {
"name": "expat-2.7.1-150000.3.39.1.aarch64",
"product_id": "expat-2.7.1-150000.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"product_id": "libexpat-devel-2.7.1-150000.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"product_id": "libexpat1-2.7.1-150000.3.39.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libexpat-devel-64bit-2.7.1-150000.3.39.1.aarch64_ilp32",
"product": {
"name": "libexpat-devel-64bit-2.7.1-150000.3.39.1.aarch64_ilp32",
"product_id": "libexpat-devel-64bit-2.7.1-150000.3.39.1.aarch64_ilp32"
}
},
{
"category": "product_version",
"name": "libexpat1-64bit-2.7.1-150000.3.39.1.aarch64_ilp32",
"product": {
"name": "libexpat1-64bit-2.7.1-150000.3.39.1.aarch64_ilp32",
"product_id": "libexpat1-64bit-2.7.1-150000.3.39.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150000.3.39.1.i586",
"product": {
"name": "expat-2.7.1-150000.3.39.1.i586",
"product_id": "expat-2.7.1-150000.3.39.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150000.3.39.1.i586",
"product": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.i586",
"product_id": "libexpat-devel-2.7.1-150000.3.39.1.i586"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150000.3.39.1.i586",
"product": {
"name": "libexpat1-2.7.1-150000.3.39.1.i586",
"product_id": "libexpat1-2.7.1-150000.3.39.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150000.3.39.1.ppc64le",
"product": {
"name": "expat-2.7.1-150000.3.39.1.ppc64le",
"product_id": "expat-2.7.1-150000.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"product_id": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150000.3.39.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-150000.3.39.1.ppc64le",
"product_id": "libexpat1-2.7.1-150000.3.39.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150000.3.39.1.s390x",
"product": {
"name": "expat-2.7.1-150000.3.39.1.s390x",
"product_id": "expat-2.7.1-150000.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150000.3.39.1.s390x",
"product": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.s390x",
"product_id": "libexpat-devel-2.7.1-150000.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150000.3.39.1.s390x",
"product": {
"name": "libexpat1-2.7.1-150000.3.39.1.s390x",
"product_id": "libexpat1-2.7.1-150000.3.39.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-150000.3.39.1.x86_64",
"product": {
"name": "expat-2.7.1-150000.3.39.1.x86_64",
"product_id": "expat-2.7.1-150000.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"product_id": "libexpat-devel-2.7.1-150000.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.1-150000.3.39.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.7.1-150000.3.39.1.x86_64",
"product_id": "libexpat-devel-32bit-2.7.1-150000.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"product_id": "libexpat1-2.7.1-150000.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"product_id": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.ppc64le"
},
"product_reference": "expat-2.7.1-150000.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.s390x"
},
"product_reference": "expat-2.7.1-150000.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.ppc64le"
},
"product_reference": "expat-2.7.1-150000.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.s390x"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-150000.3.39.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "expat-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-150000.3.39.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-150000.3.39.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Enterprise Storage 7.1:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Enterprise Storage 7.1:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Micro 5.2:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:expat-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat-devel-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-2.7.1-150000.3.39.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:libexpat1-32bit-2.7.1-150000.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-10T15:21:54Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
RHSA-2025:19020
Vulnerability from csaf_redhat - Published: 2025-10-27 17:46 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP2 security update
Notes
Topic
Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 2 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing [jbcs-httpd-2.4] (CVE-2025-59375)
* libxml2: Heap use after free (UAF) leads to Denial of service (DoS) [jbcs-httpd-2.4] (CVE-2025-49794)
* libxml2: Null pointer dereference leads to Denial of service (DoS) [jbcs-httpd-2.4] (CVE-2025-49795)
* libxml2: Type confusion leads to Denial of service (DoS) [jbcs-httpd-2.4] (CVE-2025-49796)
* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 [jbcs-httpd-2.4] (CVE-2025-6021)
A Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products and packaged under Red Hat JBoss Core Services, to allow for faster distribution of updates and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.62 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes linked to in the References section.\n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing [jbcs-httpd-2.4] (CVE-2025-59375)\n* libxml2: Heap use after free (UAF) leads to Denial of service (DoS) [jbcs-httpd-2.4] (CVE-2025-49794)\n* libxml2: Null pointer dereference leads to Denial of service (DoS) [jbcs-httpd-2.4] (CVE-2025-49795)\n* libxml2: Type confusion leads to Denial of service (DoS) [jbcs-httpd-2.4] (CVE-2025-49796)\n* libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 [jbcs-httpd-2.4] (CVE-2025-6021)\n\nA Red Hat Security Bulletin which addresses further details about this flaw is available in the References section.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19020",
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.62/html/red_hat_jboss_core_services_apache_http_server_2.4.62_service_pack_2_release_notes/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_jboss_core_services/2.4.62/html/red_hat_jboss_core_services_apache_http_server_2.4.62_service_pack_2_release_notes/index"
},
{
"category": "external",
"summary": "2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "2372379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
},
{
"category": "external",
"summary": "2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19020.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP2 security update",
"tracking": {
"current_release_date": "2026-01-13T22:44:10+00:00",
"generator": {
"date": "2026-01-13T22:44:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:19020",
"initial_release_date": "2025-10-27T17:46:24+00:00",
"revision_history": [
{
"date": "2025-10-27T17:46:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-19T16:06:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 2.4.62.SP2",
"product": {
"name": "Red Hat JBoss Core Services 2.4.62.SP2",
"product_id": "Red Hat JBoss Core Services 2.4.62.SP2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Ahmed Lekssays"
]
}
],
"cve": "CVE-2025-6021",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2025-06-12T07:55:45.428000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372406"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Moderate due to the lack of confidentiality impact and limited integrity concerns, with the main risk being potential denial-of-service from a crash. Exploitation requires crafted XML input and specific application behavior using xmlBuildQName. While it\u2019s a write overflow, modern mitigations make remote code execution unlikely.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6021"
},
{
"category": "external",
"summary": "RHBZ#2372406",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6021"
}
],
"release_date": "2025-06-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-27T17:46:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2"
},
{
"cve": "CVE-2025-49794",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-11T21:33:43.044000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372373"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue was rated with a severity impact of Important by Red Hat Product Security, as libxml can be used to parse XML coming from the network depending on how the program consumes it and uses the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49794"
},
{
"category": "external",
"summary": "RHBZ#2372373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49794"
}
],
"release_date": "2025-06-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-27T17:46:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Heap use after free (UAF) leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49795",
"cwe": {
"id": "CWE-825",
"name": "Expired Pointer Dereference"
},
"discovery_date": "2025-06-12T00:31:08.194000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372379"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Null pointer dereference leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Important rather than Moderate due to its triggerability through untrusted input and impact on availability in a widely-used XML processing library like libxml2, which is often embedded in system-level and server-side applications. Although it is \"just\" a NULL pointer dereference\u2014typically classified as a DoS\u2014the context significantly elevates its severity. libxml2 frequently operates in environments that parse external XML content, such as web services, security scanners, and document processors. A crafted XML exploiting malformed XPath in Schematron schemas can reliably crash the application without requiring special privileges or user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49795"
},
{
"category": "external",
"summary": "RHBZ#2372379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49795"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-27T17:46:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "workaround",
"details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Null pointer dereference leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-06-12T00:35:26.470000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2372385"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxml: Type confusion leads to Denial of service (DoS)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has evaluated this vulnerability as having an Important security impact, as libxml can be used to parse XML from the network depending on how the program consumes it using the library. Additionally, although the initial report shows a crash due to invalid memory access (A:H), other undefined issues that can present data integrity due to the application overwriting sensitive data are not discarded (I:H).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-49796"
},
{
"category": "external",
"summary": "RHBZ#2372385",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49796"
}
],
"release_date": "2025-06-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-27T17:46:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "workaround",
"details": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents if the user is unable/unwilling to update the library.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libxml: Type confusion leads to Denial of service (DoS)"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-27T17:46:24+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link. You must be logged in to download the update.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat JBoss Core Services 2.4.62.SP2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22035
Vulnerability from csaf_redhat - Published: 2025-11-25 07:17 - Updated: 2026-01-13 22:45Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: internal entity expansion (CVE-2013-0340)
* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: internal entity expansion (CVE-2013-0340)\n\n* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22035",
"url": "https://access.redhat.com/errata/RHSA-2025:22035"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "2262877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262877"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22035.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:45:28+00:00",
"generator": {
"date": "2026-01-13T22:45:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22035",
"initial_release_date": "2025-11-25T07:17:39+00:00",
"revision_history": [
{
"date": "2025-11-25T07:17:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-25T07:17:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:45:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-12.el9_0.4.src",
"product": {
"name": "expat-0:2.2.10-12.el9_0.4.src",
"product_id": "expat-0:2.2.10-12.el9_0.4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-12.el9_0.4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-12.el9_0.4.aarch64",
"product": {
"name": "expat-0:2.2.10-12.el9_0.4.aarch64",
"product_id": "expat-0:2.2.10-12.el9_0.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-12.el9_0.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"product": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"product_id": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-12.el9_0.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"product": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"product_id": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-12.el9_0.4?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"product": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"product_id": "expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-12.el9_0.4?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-12.el9_0.4.ppc64le",
"product": {
"name": "expat-0:2.2.10-12.el9_0.4.ppc64le",
"product_id": "expat-0:2.2.10-12.el9_0.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-12.el9_0.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"product": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"product_id": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-12.el9_0.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"product_id": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-12.el9_0.4?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"product": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"product_id": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-12.el9_0.4?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-12.el9_0.4.i686",
"product": {
"name": "expat-0:2.2.10-12.el9_0.4.i686",
"product_id": "expat-0:2.2.10-12.el9_0.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-12.el9_0.4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"product": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"product_id": "expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-12.el9_0.4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"product": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"product_id": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-12.el9_0.4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-12.el9_0.4.i686",
"product": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.i686",
"product_id": "expat-devel-0:2.2.10-12.el9_0.4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-12.el9_0.4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-12.el9_0.4.x86_64",
"product": {
"name": "expat-0:2.2.10-12.el9_0.4.x86_64",
"product_id": "expat-0:2.2.10-12.el9_0.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-12.el9_0.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"product_id": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-12.el9_0.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"product_id": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-12.el9_0.4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"product": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"product_id": "expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-12.el9_0.4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-12.el9_0.4.s390x",
"product": {
"name": "expat-0:2.2.10-12.el9_0.4.s390x",
"product_id": "expat-0:2.2.10-12.el9_0.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-12.el9_0.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"product": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"product_id": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-12.el9_0.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"product": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"product_id": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-12.el9_0.4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-12.el9_0.4.s390x",
"product": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.s390x",
"product_id": "expat-devel-0:2.2.10-12.el9_0.4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-12.el9_0.4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.i686",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-12.el9_0.4.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"discovery_date": "2013-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000109"
}
],
"notes": [
{
"category": "description",
"text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: internal entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "RHBZ#1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340"
}
],
"release_date": "2013-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T07:17:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22035"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: internal entity expansion"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2262877"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expat (libexpat). When parsing a large token that requires multiple buffer fills to complete, Expat has to re-parse the token from start numerous times. This process may trigger excessive resource consumption, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: parsing large tokens can trigger a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified flaw in Expat presents a moderate severity issue due to its potential to facilitate resource exhaustion attacks, particularly in scenarios involving parsing large tokens requiring multiple buffer fills. As Expat repeatedly re-parses such tokens from the beginning, it results in disproportionate resource consumption, leading to a denial-of-service (DoS) condition. While the impact is significant, the exploitation requires specific conditions, such as parsing large tokens, which may not always align with typical usage patterns.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "RHBZ#2262877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262877"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
}
],
"release_date": "2024-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T07:17:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22035"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: parsing large tokens can trigger a denial of service"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T07:17:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22035"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"known_not_affected": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T07:17:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22035"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"AppStream-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"AppStream-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.src",
"BaseOS-9.0.0.Z.E4S:expat-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debuginfo-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-debugsource-0:2.2.10-12.el9_0.4.x86_64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.aarch64",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.i686",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.ppc64le",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.s390x",
"BaseOS-9.0.0.Z.E4S:expat-devel-0:2.2.10-12.el9_0.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:21974
Vulnerability from csaf_redhat - Published: 2025-11-24 16:17 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: mingw-expat security update
Notes
Topic
An update for mingw-expat is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for mingw-expat is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. \n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21974",
"url": "https://access.redhat.com/errata/RHSA-2025:21974"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21974.json"
}
],
"title": "Red Hat Security Advisory: mingw-expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:44:11+00:00",
"generator": {
"date": "2026-01-13T22:44:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:21974",
"initial_release_date": "2025-11-24T16:17:17+00:00",
"revision_history": [
{
"date": "2025-11-24T16:17:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-24T16:17:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "mingw-expat-0:2.5.0-1.el8_10.src",
"product": {
"name": "mingw-expat-0:2.5.0-1.el8_10.src",
"product_id": "mingw-expat-0:2.5.0-1.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mingw-expat@2.5.0-1.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "mingw32-expat-0:2.5.0-1.el8_10.noarch",
"product": {
"name": "mingw32-expat-0:2.5.0-1.el8_10.noarch",
"product_id": "mingw32-expat-0:2.5.0-1.el8_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mingw32-expat@2.5.0-1.el8_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mingw64-expat-0:2.5.0-1.el8_10.noarch",
"product": {
"name": "mingw64-expat-0:2.5.0-1.el8_10.noarch",
"product_id": "mingw64-expat-0:2.5.0-1.el8_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mingw64-expat@2.5.0-1.el8_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"product": {
"name": "mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"product_id": "mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mingw32-expat-debuginfo@2.5.0-1.el8_10?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"product": {
"name": "mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"product_id": "mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mingw64-expat-debuginfo@2.5.0-1.el8_10?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mingw-expat-0:2.5.0-1.el8_10.src as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw-expat-0:2.5.0-1.el8_10.src"
},
"product_reference": "mingw-expat-0:2.5.0-1.el8_10.src",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mingw32-expat-0:2.5.0-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-0:2.5.0-1.el8_10.noarch"
},
"product_reference": "mingw32-expat-0:2.5.0-1.el8_10.noarch",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch"
},
"product_reference": "mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mingw64-expat-0:2.5.0-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-0:2.5.0-1.el8_10.noarch"
},
"product_reference": "mingw64-expat-0:2.5.0-1.el8_10.noarch",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch as a component of Red Hat Enterprise Linux CRB (v. 8)",
"product_id": "CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch"
},
"product_reference": "mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"relates_to_product_reference": "CRB-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"CRB-8.10.0.Z.MAIN.EUS:mingw-expat-0:2.5.0-1.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-24T16:17:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"CRB-8.10.0.Z.MAIN.EUS:mingw-expat-0:2.5.0-1.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21974"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"CRB-8.10.0.Z.MAIN.EUS:mingw-expat-0:2.5.0-1.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CRB-8.10.0.Z.MAIN.EUS:mingw-expat-0:2.5.0-1.el8_10.src",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw32-expat-debuginfo-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-0:2.5.0-1.el8_10.noarch",
"CRB-8.10.0.Z.MAIN.EUS:mingw64-expat-debuginfo-0:2.5.0-1.el8_10.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22935
Vulnerability from csaf_redhat - Published: 2025-12-09 14:40 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update
Notes
Topic
The latest release of Red Hat Update Infrastructure. For more details, see the product documentation.
Details
Red Hat Update Infrastructure (RHUI) container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The latest release of Red Hat Update Infrastructure. For more details, see the product documentation.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Update Infrastructure (RHUI) container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22935",
"url": "https://access.redhat.com/errata/RHSA-2025:22935"
},
{
"category": "external",
"summary": "https://access.redhat.com/products/red-hat-update-infrastructure",
"url": "https://access.redhat.com/products/red-hat-update-infrastructure"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/5",
"url": "https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/5"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22935.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update",
"tracking": {
"current_release_date": "2026-01-13T22:44:10+00:00",
"generator": {
"date": "2026-01-13T22:44:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22935",
"initial_release_date": "2025-12-09T14:40:14+00:00",
"revision_history": [
{
"date": "2025-12-09T14:40:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-09T14:40:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Update Infrastructure 5",
"product": {
"name": "Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhui:5::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Update Infrastructure"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"product": {
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"product_id": "registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cds-rhel9@sha256%3Aa71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6?arch=amd64\u0026repository_url=registry.redhat.io/rhui5"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"product": {
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"product_id": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/haproxy-rhel9@sha256%3A67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed?arch=amd64\u0026repository_url=registry.redhat.io/rhui5"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"product": {
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"product_id": "registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/installer-rhel9@sha256%3A8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd?arch=amd64\u0026repository_url=registry.redhat.io/rhui5"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64",
"product": {
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64",
"product_id": "registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhua-rhel9@sha256%3A72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824?arch=amd64\u0026repository_url=registry.redhat.io/rhui5"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64"
},
"product_reference": "registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64"
},
"product_reference": "registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64"
},
"product_reference": "registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64 as a component of Red Hat Update Infrastructure 5",
"product_id": "Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
},
"product_reference": "registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64",
"relates_to_product_reference": "Red Hat Update Infrastructure 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-440: Expected Behavior Violation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess enforcement and least privilege limit user actions to only those explicitly permitted, reducing the risk of behavior outside defined boundaries. System configurations follow hardened baselines that disable unnecessary features and restrict execution to approved functions. Boundary protection isolates workloads and validates traffic to ensure interaction occurs only through authorized interfaces. Systems are designed to fail in a known state during unexpected input or failure to maintain stability. Additionally, real-time monitoring detects behavioral deviations, enabling timely response and containment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
],
"known_not_affected": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T14:40:14+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22935"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T14:40:14+00:00",
"details": "The container images provided by this release, apart from the installer, should be deployed using rhui-installer utility.\nSee the official documentation for more details.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22935"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/cds-rhel9@sha256:a71cf22ac5a6c6488f6fd261b37ed423fb7f8ae21716d57542cb964908e5dff6_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/haproxy-rhel9@sha256:67ea913cd9963ae2863633501da0fe05ddbdb6064d1f6ca9597649e44665f0ed_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/installer-rhel9@sha256:8641fa15608fbbb0d27c4b958cfaf52ca32f39f2b06b0b3e6d41c33ae902edbd_amd64",
"Red Hat Update Infrastructure 5:registry.redhat.io/rhui5/rhua-rhel9@sha256:72ac7afb81d57da7ee569790df6697785afe8f5b1379f3f6d3df5fc1ad741824_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:21030
Vulnerability from csaf_redhat - Published: 2025-11-11 19:57 - Updated: 2026-01-13 22:36Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21030",
"url": "https://access.redhat.com/errata/RHSA-2025:21030"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21030.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:36:02+00:00",
"generator": {
"date": "2026-01-13T22:36:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:21030",
"initial_release_date": "2025-11-11T19:57:21+00:00",
"revision_history": [
{
"date": "2025-11-11T19:57:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-11T19:57:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:36:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"product_id": "expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_1.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"product_id": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_1.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_1.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_1.3.x86_64",
"product": {
"name": "expat-0:2.7.1-1.el10_1.3.x86_64",
"product_id": "expat-0:2.7.1-1.el10_1.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_1.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_1.3.s390x",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.s390x",
"product_id": "expat-devel-0:2.7.1-1.el10_1.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_1.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"product_id": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_1.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_1.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_1.3.s390x",
"product": {
"name": "expat-0:2.7.1-1.el10_1.3.s390x",
"product_id": "expat-0:2.7.1-1.el10_1.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_1.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"product_id": "expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_1.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"product_id": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_1.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_1.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_1.3.aarch64",
"product": {
"name": "expat-0:2.7.1-1.el10_1.3.aarch64",
"product_id": "expat-0:2.7.1-1.el10_1.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_1.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"product_id": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_1.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"product_id": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_1.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_1.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_1.3.ppc64le",
"product": {
"name": "expat-0:2.7.1-1.el10_1.3.ppc64le",
"product_id": "expat-0:2.7.1-1.el10_1.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_1.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_1.3.src",
"product": {
"name": "expat-0:2.7.1-1.el10_1.3.src",
"product_id": "expat-0:2.7.1-1.el10_1.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_1.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.src"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.src"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.src",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_1.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T19:57:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21030"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"AppStream-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"AppStream-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.src",
"BaseOS-10.1.Z:expat-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debuginfo-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-debugsource-0:2.7.1-1.el10_1.3.x86_64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.aarch64",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.ppc64le",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.s390x",
"BaseOS-10.1.Z:expat-devel-0:2.7.1-1.el10_1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23449
Vulnerability from csaf_redhat - Published: 2025-12-17 08:22 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (ROCm)
Notes
Topic
Red Hat AI Inference Server 3.2.5 (ROCm) is now available.
Details
Red Hat® AI Inference Server
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.5 (ROCm) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23449",
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23449.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (ROCm)",
"tracking": {
"current_release_date": "2026-01-14T10:18:18+00:00",
"generator": {
"date": "2026-01-14T10:18:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23449",
"initial_release_date": "2025-12-17T08:22:31+00:00",
"revision_history": [
{
"date": "2025-12-17T08:22:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-17T08:22:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-rocm-rhel9@sha256%3Ac5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765552603"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-440: Expected Behavior Violation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess enforcement and least privilege limit user actions to only those explicitly permitted, reducing the risk of behavior outside defined boundaries. System configurations follow hardened baselines that disable unnecessary features and restrict execution to approved functions. Boundary protection isolates workloads and validates traffic to ensure interaction occurs only through authorized interfaces. Systems are designed to fail in a known state during unexpected input or failure to maintain stability. Additionally, real-time monitoring detects behavioral deviations, enabling timely response and containment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape (e.g. hidden dimension is wrong), regardless of whether the model is intended to support such inputs (as defined in the Supported Models page). This issue has been patched in version 0.11.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T08:22:31+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23449",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:c5efe40fa2a6e98d7d3d6676befff0dbbd87b2887769bb7e5856c5b0b0ada125_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2025:23209
Vulnerability from csaf_redhat - Published: 2025-12-15 15:50 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (TPU)
Notes
Topic
Red Hat AI Inference Server 3.2.5 (TPU) is now available.
Details
Red Hat® AI Inference Server
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.5 (TPU) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23209",
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23209.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (TPU)",
"tracking": {
"current_release_date": "2026-01-14T10:18:14+00:00",
"generator": {
"date": "2026-01-14T10:18:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23209",
"initial_release_date": "2025-12-15T15:50:15+00:00",
"revision_history": [
{
"date": "2025-12-15T15:50:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T15:50:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-tpu-rhel9@sha256%3A64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765552619"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape (e.g. hidden dimension is wrong), regardless of whether the model is intended to support such inputs (as defined in the Supported Models page). This issue has been patched in version 0.11.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:50:15+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23209",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23209"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-tpu-rhel9@sha256:64796b48c68d31973a08e22c9530c39b1bc3ba9f376bbefa57643ef0fc857534_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2025:22175
Vulnerability from csaf_redhat - Published: 2025-11-26 11:07 - Updated: 2026-01-13 22:40Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22175",
"url": "https://access.redhat.com/errata/RHSA-2025:22175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22175.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:40:43+00:00",
"generator": {
"date": "2026-01-13T22:40:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22175",
"initial_release_date": "2025-11-26T11:07:19+00:00",
"revision_history": [
{
"date": "2025-11-26T11:07:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-26T11:07:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:40:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_7.1.s390x",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.s390x",
"product_id": "expat-devel-0:2.5.0-5.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"product_id": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_7.1.s390x",
"product": {
"name": "expat-0:2.5.0-5.el9_7.1.s390x",
"product_id": "expat-0:2.5.0-5.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"product_id": "expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"product_id": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_7.1.aarch64",
"product": {
"name": "expat-0:2.5.0-5.el9_7.1.aarch64",
"product_id": "expat-0:2.5.0-5.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"product_id": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"product_id": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_7.1.ppc64le",
"product": {
"name": "expat-0:2.5.0-5.el9_7.1.ppc64le",
"product_id": "expat-0:2.5.0-5.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_7.1.i686",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.i686",
"product_id": "expat-devel-0:2.5.0-5.el9_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"product_id": "expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_7.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_7.1.i686",
"product": {
"name": "expat-0:2.5.0-5.el9_7.1.i686",
"product_id": "expat-0:2.5.0-5.el9_7.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"product_id": "expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"product_id": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_7.1.x86_64",
"product": {
"name": "expat-0:2.5.0-5.el9_7.1.x86_64",
"product_id": "expat-0:2.5.0-5.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_7.1.src",
"product": {
"name": "expat-0:2.5.0-5.el9_7.1.src",
"product_id": "expat-0:2.5.0-5.el9_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_7.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.src",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.i686",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-26T11:07:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22175"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"AppStream-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"AppStream-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.src",
"BaseOS-9.7.0.Z.MAIN:expat-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debuginfo-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-debugsource-0:2.5.0-5.el9_7.1.x86_64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.aarch64",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.i686",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.ppc64le",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.s390x",
"BaseOS-9.7.0.Z.MAIN:expat-devel-0:2.5.0-5.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23205
Vulnerability from csaf_redhat - Published: 2025-12-15 15:38 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (ROCm)
Notes
Topic
Red Hat AI Inference Server 3.2.5 (ROCm) is now available.
Details
Red Hat® AI Inference Server
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.5 (ROCm) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23205",
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47906",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23205.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (ROCm)",
"tracking": {
"current_release_date": "2026-01-14T10:18:11+00:00",
"generator": {
"date": "2026-01-14T10:18:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23205",
"initial_release_date": "2025-12-15T15:38:07+00:00",
"revision_history": [
{
"date": "2025-12-15T15:38:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T15:38:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-rocm-rhel9@sha256%3Ae3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765361180"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-47906",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-18T19:00:47.541046+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396546"
}
],
"notes": [
{
"category": "description",
"text": "If the PATH environment variable contains paths which are executables (rather than just directories), passing certain strings to LookPath (\"\", \".\", and \"..\"), can result in the binaries listed in the PATH being unexpectedly returned.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "os/exec: Unexpected paths returned from LookPath in os/exec",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-440: Expected Behavior Violation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess enforcement and least privilege limit user actions to only those explicitly permitted, reducing the risk of behavior outside defined boundaries. System configurations follow hardened baselines that disable unnecessary features and restrict execution to approved functions. Boundary protection isolates workloads and validates traffic to ensure interaction occurs only through authorized interfaces. Systems are designed to fail in a known state during unexpected input or failure to maintain stability. Additionally, real-time monitoring detects behavioral deviations, enabling timely response and containment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47906"
},
{
"category": "external",
"summary": "RHBZ#2396546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396546"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47906"
},
{
"category": "external",
"summary": "https://go.dev/cl/691775",
"url": "https://go.dev/cl/691775"
},
{
"category": "external",
"summary": "https://go.dev/issue/74466",
"url": "https://go.dev/issue/74466"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3956",
"url": "https://pkg.go.dev/vuln/GO-2025-3956"
}
],
"release_date": "2025-09-18T18:41:11.847000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "os/exec: Unexpected paths returned from LookPath in os/exec"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape (e.g. hidden dimension is wrong), regardless of whether the model is intended to support such inputs (as defined in the Supported Models page). This issue has been patched in version 0.11.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:07+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23205",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23205"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:e3b3efcdd86f60b90664a249d45918b2ac5f45bae5eed5399e310d63e878b287_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2025:22034
Vulnerability from csaf_redhat - Published: 2025-11-25 07:36 - Updated: 2026-01-13 22:35Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22034",
"url": "https://access.redhat.com/errata/RHSA-2025:22034"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22034.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:35:35+00:00",
"generator": {
"date": "2026-01-13T22:35:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22034",
"initial_release_date": "2025-11-25T07:36:20+00:00",
"revision_history": [
{
"date": "2025-11-25T07:36:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-25T07:36:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:35:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el9_2.3.src",
"product": {
"name": "expat-0:2.5.0-1.el9_2.3.src",
"product_id": "expat-0:2.5.0-1.el9_2.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el9_2.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el9_2.3.aarch64",
"product": {
"name": "expat-0:2.5.0-1.el9_2.3.aarch64",
"product_id": "expat-0:2.5.0-1.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el9_2.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"product_id": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el9_2.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"product_id": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el9_2.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"product": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"product_id": "expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el9_2.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el9_2.3.ppc64le",
"product": {
"name": "expat-0:2.5.0-1.el9_2.3.ppc64le",
"product_id": "expat-0:2.5.0-1.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el9_2.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"product_id": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el9_2.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"product_id": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el9_2.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"product": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"product_id": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el9_2.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el9_2.3.i686",
"product": {
"name": "expat-0:2.5.0-1.el9_2.3.i686",
"product_id": "expat-0:2.5.0-1.el9_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el9_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"product_id": "expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el9_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"product_id": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el9_2.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el9_2.3.i686",
"product": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.i686",
"product_id": "expat-devel-0:2.5.0-1.el9_2.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el9_2.3?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el9_2.3.x86_64",
"product": {
"name": "expat-0:2.5.0-1.el9_2.3.x86_64",
"product_id": "expat-0:2.5.0-1.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el9_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"product_id": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el9_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"product_id": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el9_2.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"product": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"product_id": "expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el9_2.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el9_2.3.s390x",
"product": {
"name": "expat-0:2.5.0-1.el9_2.3.s390x",
"product_id": "expat-0:2.5.0-1.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el9_2.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"product_id": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el9_2.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"product_id": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el9_2.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el9_2.3.s390x",
"product": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.s390x",
"product_id": "expat-devel-0:2.5.0-1.el9_2.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el9_2.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.i686",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el9_2.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T07:36:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22034"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64"
],
"known_not_affected": [
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T07:36:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22034"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"AppStream-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"AppStream-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.src",
"BaseOS-9.2.0.Z.E4S:expat-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debuginfo-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-debugsource-0:2.5.0-1.el9_2.3.x86_64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.aarch64",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.i686",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.ppc64le",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.s390x",
"BaseOS-9.2.0.Z.E4S:expat-devel-0:2.5.0-1.el9_2.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23202
Vulnerability from csaf_redhat - Published: 2025-12-15 15:29 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.5 (CUDA)
Notes
Topic
Red Hat AI Inference Server Model Optimization Tools 3.2.5 (CUDA) is now available.
Details
Red Hat® AI Inference Server Model Optimization Tools
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server Model Optimization Tools 3.2.5 (CUDA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server Model Optimization Tools",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23202",
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23202.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.5 (CUDA)",
"tracking": {
"current_release_date": "2026-01-14T10:18:09+00:00",
"generator": {
"date": "2026-01-14T10:18:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23202",
"initial_release_date": "2025-12-15T15:29:01+00:00",
"revision_history": [
{
"date": "2025-12-15T15:29:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T15:29:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64",
"product_id": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/model-opt-cuda-rhel9@sha256%3Afca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765361184"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"product": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"product_id": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/model-opt-cuda-rhel9@sha256%3Af083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d?arch=arm64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765361184"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64"
},
"product_reference": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:29:01+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23202",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:f083e52ef4198ab8123c49eb044c4374ec996f65633d224bb8152ef0c3f30e7d_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:fca12d55fef49b9a67c8aa7c2c004adb8916b9784134b4e571067a615a7a4a2e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2025:23204
Vulnerability from csaf_redhat - Published: 2025-12-15 15:38 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (CUDA)
Notes
Topic
Red Hat AI Inference Server 3.2.5 (CUDA) is now available.
Details
Red Hat® AI Inference Server
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.5 (CUDA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23204",
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62164",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62372",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23204.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.5 (CUDA)",
"tracking": {
"current_release_date": "2026-01-14T10:18:10+00:00",
"generator": {
"date": "2026-01-14T10:18:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23204",
"initial_release_date": "2025-12-15T15:38:04+00:00",
"revision_history": [
{
"date": "2025-12-15T15:38:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-15T15:38:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3A7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765552580"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Af0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492?arch=arm64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.5-1765552580"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-62164",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-21T02:01:11.280042+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416282"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in vLLM allows attackers to supply malicious serialized prompt-embedding tensors that are deserialized using torch.load() without validation. Due to PyTorch 2.8.0 disabling sparse-tensor integrity checks by default, a crafted tensor can bypass bounds checks and cause an out-of-bounds write during to_dense(), leading to a crash (DoS) and potentially remote code execution on the vLLM server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is considered important rather than moderate because it involves unsafe deserialization leading to memory corruption in a network-reachable, unauthenticated API path. Unlike typical moderate flaws that may only allow limited DoS or require specific conditions, this issue allows an attacker to supply a crafted sparse tensor that triggers an out-of-bounds memory write during PyTorch\u2019s to_dense() conversion. Memory corruption in a server process handling untrusted input significantly elevates security risk because it can lead not only to a reliable crash but also to potential remote code execution, enabling full compromise of the vLLM service. Additionally, the affected code path is part of the standard Completions API workflow, making the attack surface broadly exposed in real deployments. The combination of remote exploitability, unauthenticated access, memory corruption, and potential RCE clearly positions this issue above a moderate classification and into an important severity level.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62164"
},
{
"category": "external",
"summary": "RHBZ#2416282",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416282"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62164"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62164"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-mrw7-hf4f-83pf"
}
],
"release_date": "2025-11-21T01:18:38.803000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: VLLM deserialization vulnerability leading to DoS and potential RCE"
},
{
"cve": "CVE-2025-62372",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2025-11-21T02:00:57.180567+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416280"
}
],
"notes": [
{
"category": "description",
"text": "vLLM is an inference and serving engine for large language models (LLMs). From version 0.5.5 to before 0.11.1, users can crash the vLLM engine serving multimodal models by passing multimodal embedding inputs with correct ndim but incorrect shape (e.g. hidden dimension is wrong), regardless of whether the model is intended to support such inputs (as defined in the Supported Models page). This issue has been patched in version 0.11.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw is rated Moderate rather than Important because its impact is strictly limited to availability and requires low but existing privileges to exploit. The issue arises from incomplete shape validation of multimodal embedding tensors, which can cause deterministic crashes in the inference engine, but it does not enable memory corruption, data leakage, integrity compromise, or execution of arbitrary code. Exploitation requires an authenticated or API-key-holding user to submit malformed multimodal inputs, meaning it cannot be triggered by an unauthenticated attacker on an exposed endpoint. Additionally, the failure mode is a clean crash rather than undefined behavior, so the blast radius is constrained to service interruption rather than broader systemic compromise. These factors\u2014PR:L requirement, no confidentiality/integrity impact, deterministic failure mode, and scoped DoS only\u2014technically align the issue with Moderate severity instead of an Important flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62372"
},
{
"category": "external",
"summary": "RHBZ#2416280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416280"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62372"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b",
"url": "https://github.com/vllm-project/vllm/commit/58fab50d82838d5014f4a14d991fdb9352c9c84b"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/27204",
"url": "https://github.com/vllm-project/vllm/pull/27204"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/6613",
"url": "https://github.com/vllm-project/vllm/pull/6613"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-pmqf-x6x8-p7qw"
}
],
"release_date": "2025-11-21T01:22:37.121000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vllm: vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string \"Mozilla\" as a defense mechanism. This defense is insufficient as the fetch specification allows the User-Agent header to be modified. Combined with a DNS rebinding attack against the browser, and this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website, or is served a malicious advertisement (malvertising). This issue has been patched in version 2.52.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-15T15:38:04+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23204",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23204"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:7b04c0154c486aa7dd103ddeaf6bea7b9851859c33a4b979a85261a44a7b77f2_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:f0ab1b678e9447eae4b6b2fe5c58531aa8524133db157f196726164e4dc20492_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
}
]
}
RHSA-2026:0078
Vulnerability from csaf_redhat - Published: 2026-01-05 17:40 - Updated: 2026-01-13 22:36Summary
Red Hat Security Advisory: spice-client-win security update
Notes
Topic
An update for spice-client-win is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Spice client MSI installers for Windows clients
Security Fix(es):
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)
* libtiff: Libtiff Write-What-Where (CVE-2025-9900)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for spice-client-win is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Spice client MSI installers for Windows clients\n\nSecurity Fix(es):\n\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n\n* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)\n\n* libtiff: Libtiff Write-What-Where (CVE-2025-9900)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0078",
"url": "https://access.redhat.com/errata/RHSA-2026:0078"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0078.json"
}
],
"title": "Red Hat Security Advisory: spice-client-win security update",
"tracking": {
"current_release_date": "2026-01-13T22:36:27+00:00",
"generator": {
"date": "2026-01-13T22:36:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0078",
"initial_release_date": "2026-01-05T17:40:30+00:00",
"revision_history": [
{
"date": "2026-01-05T17:40:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-05T17:40:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:36:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-0:8.10-3.el8_2.1.src",
"product": {
"name": "spice-client-win-0:8.10-3.el8_2.1.src",
"product_id": "spice-client-win-0:8.10-3.el8_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win@8.10-3.el8_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"product": {
"name": "spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"product_id": "spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x64@8.10-3.el8_2.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spice-client-win-x86-0:8.10-3.el8_2.1.noarch",
"product": {
"name": "spice-client-win-x86-0:8.10-3.el8_2.1.noarch",
"product_id": "spice-client-win-x86-0:8.10-3.el8_2.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x86@8.10-3.el8_2.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_2.1.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_2.1.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_2.1.noarch as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_2.1.noarch as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"product_id": "AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_2.1.noarch",
"relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T17:40:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T17:40:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T17:40:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T17:40:30+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0078"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.AUS:spice-client-win-0:8.10-3.el8_2.1.src",
"AppStream-8.2.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_2.1.noarch",
"AppStream-8.2.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_2.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2026:0518
Vulnerability from csaf_redhat - Published: 2026-01-13 16:03 - Updated: 2026-01-13 22:46Summary
Red Hat Security Advisory: Red Hat Quay 3.16.1
Notes
Topic
Red Hat Quay 3.16.1 is now available with bug fixes.
Details
Quay 3.16.1
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.16.1 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.16.1",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0518",
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0518.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.16.1",
"tracking": {
"current_release_date": "2026-01-13T22:46:39+00:00",
"generator": {
"date": "2026-01-13T22:46:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0518",
"initial_release_date": "2026-01-13T16:03:52+00:00",
"revision_history": [
{
"date": "2026-01-13T16:03:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-13T16:04:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:46:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.16",
"product": {
"name": "Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970158"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3Ac1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979355"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Aa0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767978288"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Ab89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3Ad209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Ac7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969106"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3Aa1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1767886976"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ad723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970158"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979355"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767978288"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Ab291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969106"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3Aff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1767886976"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3Abf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979355"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970158"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767979280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ad9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767978288"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Ae8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767970174"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Abe10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969285"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969180"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767980647"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3A0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767969106"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1767886976"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-13T16:03:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-13T16:03:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-13T16:03:52+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0518"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:18674692fb24a03b3aad3f255b205a3afac8e6201efced2945b4bded3a0168db_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:85e4c20d0dcc746ccf96de9d46e838b5239b1ae0faf328410021ca2454bb55b6_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:d209a8c2876c8dac0380b942c701f67742d737423400189859752214a814e5f5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:e8afb6364b22ee3d98bdf402a45cdd119dd52fe4c70d13c7e353d9917b5390fa_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:0fe722ed6c797a674d1edf5f2a0965eadd05a02bcc7598be674ccb61b8025df4_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:b89297ecfb0a9f63e4da66cccca8d56a116bd2bb90e0782227f9d97387042253_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:be10460471b54f6b5442718a4fbf696bb074a6fdaf07569f3519d0677a15ba00_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:84021c67a5bd508aff6efc6e641f108175e617ef3eef2019f5cecd25dc9a0691_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9c878781eafcc20fe975634d4db7e795608ab89a6c77667c4af04d38af2500bd_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:d723221f0ad6ffca4be3b0dd095977ed231a389780ef78672a9fae6896bc9568_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:835936fd4e539387d9b8c9f9c1d2965d03835873b8c6027e4e9a1cde5ef6df55_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:bf793a2407f484febf3185542e8db736766da04297104fe8ceac0071d6773206_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:c1ab8f95c0dd121cd26d8ff0fe50fac54bc6934156a37b8a403c930059b506a5_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:4061bfdf8eebf9aa51a7701a685daa5ef97741adab368a7c9c03fd9d01dd63ee_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:12c014cc7ecc8a5ac4b4ae816cf1319d8a6dc5307dbb69de8484b2d276d1a48d_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:a0bfba880aa3c9350aabf6bc8345d9ad7d321edbef33aa8e48ae47e7668852ba_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:d9fcca30e7cede4d2fca8a050b04a844453f174906e90ca7e06a77d71cf139f5_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:0c5c0e745efdd28ad5fcf313884fab04ae371748b91a10ffd86fb9da5c13172d_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:0f8e8939cde91c873fbc617202e10bb064ac27713e85f7c4914fb73f7d591c29_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:b291c5cd49701ab09df74370e8971614eaee2ed8b27a77eaae0c09e6bf2ba633_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:c7ab16c077f5ee2f4e597810309ebdc825c8477461d3343478010e5435623e4f_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:87dff92ca84ba1c48bb87a276a660165c9d10475fd3067989b593a1fdce8e475_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:a1fccdf3e171f8c2410e0fb3182e49188eec90f2acc08174634114455853436d_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:ff78174701ecd4c840dff59667f0790419f850771f6726973434bf5fd6e81687_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
}
]
}
RHSA-2026:0001
Vulnerability from csaf_redhat - Published: 2026-01-05 00:51 - Updated: 2026-01-13 22:31Summary
Red Hat Security Advisory: spice-client-win security update
Notes
Topic
An update for spice-client-win is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Spice client MSI installers for Windows clients
Security Fix(es):
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)
* libtiff: Libtiff Write-What-Where (CVE-2025-9900)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for spice-client-win is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Spice client MSI installers for Windows clients\n\nSecurity Fix(es):\n\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n\n* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)\n\n* libtiff: Libtiff Write-What-Where (CVE-2025-9900)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0001",
"url": "https://access.redhat.com/errata/RHSA-2026:0001"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0001.json"
}
],
"title": "Red Hat Security Advisory: spice-client-win security update",
"tracking": {
"current_release_date": "2026-01-13T22:31:16+00:00",
"generator": {
"date": "2026-01-13T22:31:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0001",
"initial_release_date": "2026-01-05T00:51:17+00:00",
"revision_history": [
{
"date": "2026-01-05T00:51:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-05T00:51:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:31:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-0:8.10-3.el8_8.1.src",
"product": {
"name": "spice-client-win-0:8.10-3.el8_8.1.src",
"product_id": "spice-client-win-0:8.10-3.el8_8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win@8.10-3.el8_8.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"product": {
"name": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"product_id": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x64@8.10-3.el8_8.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"product": {
"name": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"product_id": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x86@8.10-3.el8_8.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_8.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_8.1.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_8.1.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_8.1.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T00:51:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0001"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T00:51:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0001"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T00:51:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0001"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T00:51:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0001"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-0:8.10-3.el8_8.1.src",
"AppStream-8.8.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_8.1.noarch",
"AppStream-8.8.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2026:0414
Vulnerability from csaf_redhat - Published: 2026-01-08 22:34 - Updated: 2026-01-14 10:21Summary
Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
Notes
Topic
A Subscription Management tool for finding and reporting Red Hat product usage
Details
Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds,
identifies, and reports environment data, or facts, such as the number of physical and virtual
systems on a network, their operating systems, and relevant configuration data stored within
them. Discovery also identifies and reports more detailed facts for some versions of key
Red Hat packages and products that it finds in the network.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A Subscription Management tool for finding and reporting Red Hat product usage",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Discovery, also known as Discovery, is an inspection and reporting tool that finds,\nidentifies, and reports environment data, or facts, such as the number of physical and virtual\nsystems on a network, their operating systems, and relevant configuration data stored within\nthem. Discovery also identifies and reports more detailed facts for some versions of key\nRed Hat packages and products that it finds in the network.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0414",
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-5642",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4598",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59682",
"url": "https://access.redhat.com/security/cve/CVE-2025-59682"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6075",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64460",
"url": "https://access.redhat.com/security/cve/CVE-2025-64460"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64720",
"url": "https://access.redhat.com/security/cve/CVE-2025-64720"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65018",
"url": "https://access.redhat.com/security/cve/CVE-2025-65018"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66293",
"url": "https://access.redhat.com/security/cve/CVE-2025-66293"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery",
"url": "https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0414.json"
}
],
"title": "Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage",
"tracking": {
"current_release_date": "2026-01-14T10:21:51+00:00",
"generator": {
"date": "2026-01-14T10:21:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0414",
"initial_release_date": "2026-01-08T22:34:17+00:00",
"revision_history": [
{
"date": "2026-01-08T22:34:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-08T22:34:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:21:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Discovery 2",
"product": {
"name": "Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:discovery:2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Discovery"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3Ad4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767888970"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee?arch=amd64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767904573"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"product_id": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-server-rhel9@sha256%3A75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767888970"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"product": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"product_id": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-ui-rhel9@sha256%3A8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e?arch=arm64\u0026repository_url=registry.redhat.io/discovery\u0026tag=1767904573"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"relates_to_product_reference": "Red Hat Discovery 2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64 as a component of Red Hat Discovery 2",
"product_id": "Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
},
"product_reference": "registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64",
"relates_to_product_reference": "Red Hat Discovery 2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-5642",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2294682"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Python/CPython that does not disallow configuring an empty list (\"[]\") for SSLContext.set_npn_protocols(), which is an invalid value for the underlying OpenSSL API. This issue results in a buffer over-read when NPN is used. See CVE -2024-5535 for OpenSSL for more information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated with a Low severity due to NPN not being widely used and specifying an empty list is likely uncommon in practice. Typically, a protocol name would be configured.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-5642"
},
{
"category": "external",
"summary": "RHBZ#2294682",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294682"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5642"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/PLP2JI3PJY33YG6P5BZYSSNU66HASXBQ/"
}
],
"release_date": "2024-06-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-05-29T19:04:54.578000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369242"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was rated as having a severity of Moderate due to the complexity to exploit this flaw. The attacker needs to setup a way to win the race condition and have an unprivileged local account to successfully exploit this vulnerability.\n\nBy default Red Hat Enterprise Linux 8 doesn\u0027t allow systemd-coredump to create dumps of SUID programs as the /proc/sys/fs/suid_dumpable is set to 0, disabling by default this capability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-364: Signal Handler Race Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces least functionality by enabling only essential features, services, and ports to reduce the system\u2019s attack surface. Static code analysis, peer reviews, and strong input validation detect unsafe input that could influence execution timing or path resolution. Real-time threat detection, including IPS/IDS, antimalware, and continuous monitoring, supports rapid identification of exploitation attempts. Process isolation and Kubernetes orchestration minimize the risk of concurrent execution conflicts and contain potential impacts. Executable search paths are limited to trusted, explicitly defined directories, reducing the risk of executing malicious files. Additionally, signal handling is implemented using secure development practices that mitigate asynchronous execution risks, and workloads run in environments that abstract direct signal management.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "RHBZ#2369242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/29/3",
"url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
}
],
"release_date": "2025-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump"
},
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-1333: Inefficient Regular Expression Complexity and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nBaseline configurations enforce secure coding practices that restrict the use of inefficient or vulnerable regular expression patterns known to cause excessive backtracking or resource consumption. Input validation routines sanitize and constrain user input before it is evaluated by regular expressions, reducing the risk of triggering regex-related performance issues. Real-time system monitoring detects abnormal CPU usage or request latency indicative of inefficient regex execution, enabling timely investigation and response.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-6075",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-31T17:01:47.052517+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408891"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in Python\u2019s os.path.expandvars() function that can cause performance degradation. When processing specially crafted, user-controlled input with nested environment variable patterns, the function exhibits quadratic time complexity, potentially leading to excessive CPU usage and denial of service (DoS) conditions. No code execution or data exposure occurs, so the impact is limited to performance slowdown.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python: Quadratic complexity in os.path.expandvars() with user-controlled template",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Low rather than Moderate because it only causes a performance inefficiency without affecting code execution, data integrity, or confidentiality. The flaw lies in the algorithmic complexity of os.path.expandvars(), which can become quadratic when processing crafted input containing repetitive or nested environment variable references. Exploitation requires the attacker to control the input string passed to this function, which is uncommon in secure applications. Moreover, the impact is limited to increased CPU utilization and potential slowdown, not system compromise or data manipulation. Since the issue does not introduce memory corruption, privilege escalation, or information disclosure risks, its overall impact scope and exploitability are minimal, justifying a Low severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6075"
},
{
"category": "external",
"summary": "RHBZ#2408891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6075"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/136065",
"url": "https://github.com/python/cpython/issues/136065"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/IUP5QJ6D4KK6ULHOMPC7DPNKRYQTQNLA/"
}
],
"release_date": "2025-10-31T16:41:34.983000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "python: Quadratic complexity in os.path.expandvars() with user-controlled template"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-130: Improper Handling of Length Parameter Inconsistency and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation ensures length parameters align with actual buffer or data structure sizes, preventing truncation, overflow, and memory corruption. Secure development practices, such as static code analysis and peer reviews, detect improper length handling early and enforce consistency between declared and actual sizes. At runtime, process isolation contains memory anomalies within the originating context, preventing system-wide impact. Real-time monitoring detects crashes, segmentation faults, or buffer misuse, enabling prompt investigation and remediation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the gnu tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019), the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-24: Path Traversal: \u0027../filedir\u0027 and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nBaseline configurations enforce strict privilege levels for code execution, allowing only authorized processes to access or modify files within approved directories. Input validation sanitizes and verifies user-supplied file paths against defined patterns, blocking traversal sequences that could enable unauthorized access outside designated locations. Configuration settings further restrict directory and file system access, ensuring applications operate within approved resources and execution boundaries.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59682",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-09-30T13:18:31.746000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400450"
}
],
"notes": [
{
"category": "description",
"text": "An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the \"startapp --template\" and \"startproject --template\" commands, allows partial directory traversal via an archive with file paths sharing a common prefix with the target directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "django: Potential partial directory-traversal via archive.extract()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59682"
},
{
"category": "external",
"summary": "RHBZ#2400450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59682"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59682",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59682"
}
],
"release_date": "2025-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "django: Potential partial directory-traversal via archive.extract()"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-159: Improper Handling of Invalid Use of Special Elements\n\nStrict input validation sanitizes user-supplied data to ensure special elements, such as control characters, escape sequences, or delimiters, are only allowed when explicitly required, preventing malformed inputs from disrupting control flow, parsing, or protocol logic. Secure development practices, including static code analysis and peer reviews, catch improper handling of special elements early in the lifecycle, reducing the risk of logic flaws and injection vectors. Additionally, robust error handling and process isolation contain the impact of malformed inputs to the originating context, avoiding system-wide disruption or data exposure. Real-time monitoring detects anomalous behavior stemming from improper input handling, enabling prompt investigation and response.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because it is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-158: Improper Neutralization of Null Byte or NUL Character, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation routines rigorously sanitize user-supplied data, ensuring special elements, such as control characters, escape sequences, or delimiters, are securely handled or rejected when not explicitly required. This prevents malformed input from disrupting control flow, altering parsing logic, or introducing injection risks. Secure development practices, including static code analysis and peer reviews, detect and remediate improper handling of special elements early in the development lifecycle. Runtime safeguards such as process isolation confine the impact of unexpected input to its execution context, preventing broader system instability or data exposure. Real-time monitoring further supports timely detection and response to anomalies or parsing errors related to special element misuse.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-64460",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-12-02T16:01:05.300335+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Django. This vulnerability allows a remote attacker to cause a potential denial-of-service (DoS) attack triggering Central Processing Unit (CPU) and memory exhaustion via specially crafted Extensible Markup Language (XML) input processed by the XML Deserializer.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Django: Django: Algorithmic complexity in XML Deserializer leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that process XML input using Django\u0027s XML Deserializer, including Red Hat Ansible Automation Platform, Red Hat OpenStack Platform, and OpenShift Service Mesh. A remote attacker can exploit this flaw by providing specially crafted XML, leading to a denial-of-service due to CPU and memory exhaustion.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64460"
},
{
"category": "external",
"summary": "RHBZ#2418366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64460"
},
{
"category": "external",
"summary": "https://docs.djangoproject.com/en/dev/releases/security/",
"url": "https://docs.djangoproject.com/en/dev/releases/security/"
},
{
"category": "external",
"summary": "https://groups.google.com/g/django-announce",
"url": "https://groups.google.com/g/django-announce"
},
{
"category": "external",
"summary": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/",
"url": "https://www.djangoproject.com/weblog/2025/dec/02/security-releases/"
}
],
"release_date": "2025-12-02T15:15:34.451000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Django: Django: Algorithmic complexity in XML Deserializer leads to denial of service"
},
{
"cve": "CVE-2025-64720",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-11-25T00:00:54.081073+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416904"
}
],
"notes": [
{
"category": "description",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component \u2264 alpha \u00d7 257 required by the simplified PNG API. This issue has been patched in version 1.6.51.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. An out-of-bounds read in libpng can occur when processing specially crafted palette images with `PNG_FLAG_OPTIMIZE_ALPHA` enabled. Successful exploitation requires a user to process a malicious PNG file, leading to potential application crash or information disclosure.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64720"
},
{
"category": "external",
"summary": "RHBZ#2416904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64720"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643",
"url": "https://github.com/pnggroup/libpng/commit/08da33b4c88cfcd36e5a706558a8d7e0e4773643"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/686",
"url": "https://github.com/pnggroup/libpng/issues/686"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/pull/751",
"url": "https://github.com/pnggroup/libpng/pull/751"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-hfc7-ph9c-wcww"
}
],
"release_date": "2025-11-24T23:45:38.315000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG buffer overflow"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-11-17T18:01:28.077927+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2415451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "RHBZ#2415451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
"url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
"url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
}
],
"release_date": "2025-11-17T17:29:08.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
},
{
"cve": "CVE-2025-65018",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2025-11-25T00:01:05.570152+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2416907"
}
],
"notes": [
{
"category": "description",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_read when processing 16-bit interlaced PNGs with 8-bit output format. Attacker-crafted interlaced PNG files cause heap writes beyond allocated buffer bounds. This issue has been patched in version 1.6.51.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG heap buffer overflow",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. A heap buffer overflow exists in the libpng library\u0027s png_image_finish_read function when processing specially crafted 16-bit interlaced PNG images with an 8-bit output format. Successful exploitation requires a user or an automated system to process a malicious PNG file, which could lead to application crashes or arbitrary code execution.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65018"
},
{
"category": "external",
"summary": "RHBZ#2416907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65018"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d",
"url": "https://github.com/pnggroup/libpng/commit/16b5e3823918840aae65c0a6da57c78a5a496a4d"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea",
"url": "https://github.com/pnggroup/libpng/commit/218612ddd6b17944e21eda56caf8b4bf7779d1ea"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/755",
"url": "https://github.com/pnggroup/libpng/issues/755"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/pull/757",
"url": "https://github.com/pnggroup/libpng/pull/757"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-7wv6-48j4-hj3g"
}
],
"release_date": "2025-11-24T23:50:18.294000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG heap buffer overflow"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below enables remote, unauthenticated attackers to craft deep ASN.1 structures that trigger unbounded recursive parsing. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66293",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-03T21:00:59.956903+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418711"
}
],
"notes": [
{
"category": "description",
"text": "LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng\u0027s simplified API allows reading up to 1012 bytes beyond the png_sRGB_base[512] array when processing valid palette PNG images with partial transparency and gamma correction. The PNG files that trigger this vulnerability are valid per the PNG specification; the bug is in libpng\u0027s internal state management. Upgrade to libpng 1.6.52 or later.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libpng: LIBPNG out-of-bounds read in png_image_read_composite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products as it affects libpng, a widely used library for processing PNG images. An out-of-bounds read can occur in libpng\u0027s simplified API when handling specially crafted PNG images with partial transparency and gamma correction. This could lead to information disclosure or application crashes in software that processes untrusted PNG files using affected versions of libpng.\n\njava-*-openjdk-headless packages do not contain libsplashscreen.so, hence are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"known_not_affected": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66293"
},
{
"category": "external",
"summary": "RHBZ#2418711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66293"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66293"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1",
"url": "https://github.com/pnggroup/libpng/commit/788a624d7387a758ffd5c7ab010f1870dea753a1"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a",
"url": "https://github.com/pnggroup/libpng/commit/a05a48b756de63e3234ea6b3b938b8f5f862484a"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/issues/764",
"url": "https://github.com/pnggroup/libpng/issues/764"
},
{
"category": "external",
"summary": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f",
"url": "https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"
}
],
"release_date": "2025-12-03T20:33:57.086000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libpng: LIBPNG out-of-bounds read in png_image_read_composite"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory allocation for the decompressed data. This vulnerability is fixed in 2.6.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-08T22:34:17+00:00",
"details": "The containers required to run Discovery can be installed through discovery-installer\nRPM. See the official documentation for more details.",
"product_ids": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0414"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:75723049a444b5136e2d40920e2852f0840fecf60832a8bbb06e488fc9bba543_arm64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-server-rhel9@sha256:d4e8987a100ea60942306f1564679e51fa1364f6124fbfb3100959f83a1f16bf_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:899bd7f941512d54af8ab369ca03028a7d27d05887ccce24bc12c7ccd3e4dbee_amd64",
"Red Hat Discovery 2:registry.redhat.io/discovery/discovery-ui-rhel9@sha256:8af6fd7c8fe38d6bfd22e42810badde0aeeae738ea28667ae29dbc0cf4266f3e_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
}
]
}
RHSA-2025:23248
Vulnerability from csaf_redhat - Published: 2025-12-16 08:28 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: RHSA 4.7.9 security and bug fix update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details
See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23248",
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9648",
"url": "https://access.redhat.com/security/cve/CVE-2025-9648"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.7/html-single/release_notes/index#about-this-release-479_release-notes-47",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.7/html-single/release_notes/index#about-this-release-479_release-notes-47"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23248.json"
}
],
"title": "Red Hat Security Advisory: RHSA 4.7.9 security and bug fix update",
"tracking": {
"current_release_date": "2026-01-13T22:44:12+00:00",
"generator": {
"date": "2026-01-13T22:44:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23248",
"initial_release_date": "2025-12-16T08:28:09+00:00",
"revision_history": [
{
"date": "2025-12-16T08:28:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-16T08:28:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.7",
"product": {
"name": "Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ae7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aaf2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ae33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Acd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ac019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ae81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ac2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ae68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ae3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ab3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Abe1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Acec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ab3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Aff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ac16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Af9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ab3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-9648",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-09-29T12:00:57.819834+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400107"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability in the CivetWeb library\u0027s function mg_handle_form_request allows remote attackers to trigger a denial of service (DoS) condition. By sending a specially crafted HTTP POST request containing a null byte in the payload, the server enters an infinite loop during form data parsing. Multiple malicious requests will result in complete CPU exhaustion and render the service unresponsive to further requests.\n\nThis issue was fixed in commit 782e189. This issue affects only the library, standalone executable pre-built by vendor is not affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "civetweb: Denial of Service in CivetWeb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "On Red Hat systems a denial of service in the CivetWeb application does not pose a broader availability risk to the host.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9648"
},
{
"category": "external",
"summary": "RHBZ#2400107",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400107"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9648"
},
{
"category": "external",
"summary": "https://cert.pl/en/posts/2025/09/CVE-2025-9648",
"url": "https://cert.pl/en/posts/2025/09/CVE-2025-9648"
},
{
"category": "external",
"summary": "https://github.com/civetweb/civetweb",
"url": "https://github.com/civetweb/civetweb"
},
{
"category": "external",
"summary": "https://github.com/civetweb/civetweb/commit/782e18903515f43bafbf2e668994e82bdfa51133",
"url": "https://github.com/civetweb/civetweb/commit/782e18903515f43bafbf2e668994e82bdfa51133"
},
{
"category": "external",
"summary": "https://github.com/civetweb/civetweb/issues/1348",
"url": "https://github.com/civetweb/civetweb/issues/1348"
}
],
"release_date": "2025-09-29T11:47:56.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "civetweb: Denial of Service in CivetWeb"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces the principle of least functionality, ensuring that only essential features, services, and ports are enabled. The environment leverages malicious code protections such as IPS/IDS and antimalware solutions that detect and respond to indicators in real time, limiting the impact of exploitation attempts. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing improperly validated inputs from causing system instability, exposing sensitive data, or escalating risks. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation and automated orchestration via Kubernetes minimize the likelihood of concurrent execution scenarios that would trigger the race condition and help contain the impact to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22033
Vulnerability from csaf_redhat - Published: 2025-11-25 08:03 - Updated: 2026-01-13 22:45Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22033",
"url": "https://access.redhat.com/errata/RHSA-2025:22033"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22033.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:45:24+00:00",
"generator": {
"date": "2026-01-13T22:45:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22033",
"initial_release_date": "2025-11-25T08:03:54+00:00",
"revision_history": [
{
"date": "2025-11-25T08:03:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-25T08:03:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:45:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"product": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"product_id": "expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"product": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"product_id": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"product": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"product_id": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-2.el9_4.3.aarch64",
"product": {
"name": "expat-0:2.5.0-2.el9_4.3.aarch64",
"product_id": "expat-0:2.5.0-2.el9_4.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"product": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"product_id": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"product": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"product_id": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"product_id": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-2.el9_4.3.ppc64le",
"product": {
"name": "expat-0:2.5.0-2.el9_4.3.ppc64le",
"product_id": "expat-0:2.5.0-2.el9_4.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-2.el9_4.3.i686",
"product": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.i686",
"product_id": "expat-devel-0:2.5.0-2.el9_4.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"product": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"product_id": "expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"product": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"product_id": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.3?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-2.el9_4.3.i686",
"product": {
"name": "expat-0:2.5.0-2.el9_4.3.i686",
"product_id": "expat-0:2.5.0-2.el9_4.3.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.3?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"product": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"product_id": "expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"product": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"product_id": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"product": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"product_id": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-2.el9_4.3.x86_64",
"product": {
"name": "expat-0:2.5.0-2.el9_4.3.x86_64",
"product_id": "expat-0:2.5.0-2.el9_4.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-2.el9_4.3.s390x",
"product": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.s390x",
"product_id": "expat-devel-0:2.5.0-2.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-2.el9_4.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"product": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"product_id": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-2.el9_4.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"product": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"product_id": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-2.el9_4.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-2.el9_4.3.s390x",
"product": {
"name": "expat-0:2.5.0-2.el9_4.3.s390x",
"product_id": "expat-0:2.5.0-2.el9_4.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-2.el9_4.3.src",
"product": {
"name": "expat-0:2.5.0-2.el9_4.3.src",
"product_id": "expat-0:2.5.0-2.el9_4.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-2.el9_4.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.i686",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-2.el9_4.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64"
],
"known_not_affected": [
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T08:03:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22033"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64"
],
"known_not_affected": [
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-25T08:03:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22033"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"AppStream-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"AppStream-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.src",
"BaseOS-9.4.0.Z.EUS:expat-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debuginfo-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-debugsource-0:2.5.0-2.el9_4.3.x86_64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.aarch64",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.i686",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.ppc64le",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.s390x",
"BaseOS-9.4.0.Z.EUS:expat-devel-0:2.5.0-2.el9_4.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:21773
Vulnerability from csaf_redhat - Published: 2025-11-19 20:10 - Updated: 2026-01-13 22:31Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21773",
"url": "https://access.redhat.com/errata/RHSA-2025:21773"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21773.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:31:16+00:00",
"generator": {
"date": "2026-01-13T22:31:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:21773",
"initial_release_date": "2025-11-19T20:10:25+00:00",
"revision_history": [
{
"date": "2025-11-19T20:10:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-19T20:10:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:31:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"product_id": "expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"product_id": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_6.1.aarch64",
"product": {
"name": "expat-0:2.5.0-5.el9_6.1.aarch64",
"product_id": "expat-0:2.5.0-5.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_6.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"product_id": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"product_id": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_6.1.ppc64le",
"product": {
"name": "expat-0:2.5.0-5.el9_6.1.ppc64le",
"product_id": "expat-0:2.5.0-5.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_6.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_6.1.i686",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.i686",
"product_id": "expat-devel-0:2.5.0-5.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"product_id": "expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_6.1?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_6.1.i686",
"product": {
"name": "expat-0:2.5.0-5.el9_6.1.i686",
"product_id": "expat-0:2.5.0-5.el9_6.1.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_6.1?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"product_id": "expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"product_id": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_6.1.x86_64",
"product": {
"name": "expat-0:2.5.0-5.el9_6.1.x86_64",
"product_id": "expat-0:2.5.0-5.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-5.el9_6.1.s390x",
"product": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.s390x",
"product_id": "expat-devel-0:2.5.0-5.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-5.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"product": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"product_id": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-5.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"product": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"product_id": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-5.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_6.1.s390x",
"product": {
"name": "expat-0:2.5.0-5.el9_6.1.s390x",
"product_id": "expat-0:2.5.0-5.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_6.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-5.el9_6.1.src",
"product": {
"name": "expat-0:2.5.0-5.el9_6.1.src",
"product_id": "expat-0:2.5.0-5.el9_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-5.el9_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.i686 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.i686",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-5.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-19T20:10:25+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21773"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:expat-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debuginfo-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-debugsource-0:2.5.0-5.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.i686",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:expat-devel-0:2.5.0-5.el9_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22618
Vulnerability from csaf_redhat - Published: 2025-12-02 15:17 - Updated: 2026-01-13 22:43Summary
Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.8.0 release
Notes
Topic
Red Hat OpenShift distributed tracing platform (Tempo) 3.8.0 has been released
Details
This release of the Red Hat OpenShift distributed tracing platform (Tempo) provides new features, security improvements, and bug fixes.
Breaking changes:
* Nothing
Deprecations:
* Nothing
Technology Preview features:
* Nothing
Enhancements:
* Nothing
Bug fixes:
* Before this update, the Tempo pods would stop to communicate because internal TLS certificates were renewed. With this update, the Tempo pods automatically restart when certificates are renewed.
* Before this update, Tempo monolithic metrics were not being properly scraped.
* https://access.redhat.com/security/cve/CVE-2025-59375
Known issues:
* Nothing
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift distributed tracing platform (Tempo) 3.8.0 has been released",
"title": "Topic"
},
{
"category": "general",
"text": "This release of the Red Hat OpenShift distributed tracing platform (Tempo) provides new features, security improvements, and bug fixes.\n\n\nBreaking changes:\n\n* Nothing\n\n\nDeprecations:\n\n* Nothing\n\n\nTechnology Preview features:\n\n* Nothing\n\n\nEnhancements:\n\n* Nothing\n\n\nBug fixes:\n\n* Before this update, the Tempo pods would stop to communicate because internal TLS certificates were renewed. With this update, the Tempo pods automatically restart when certificates are renewed.\n\n* Before this update, Tempo monolithic metrics were not being properly scraped.\n\n* https://access.redhat.com/security/cve/CVE-2025-59375\n\nKnown issues:\n\n* Nothing",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22618",
"url": "https://access.redhat.com/errata/RHSA-2025:22618"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/distributed_tracing/distributed-tracing-platform-tempo"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22618.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift distributed tracing platform (Tempo) 3.8.0 release",
"tracking": {
"current_release_date": "2026-01-13T22:43:41+00:00",
"generator": {
"date": "2026-01-13T22:43:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22618",
"initial_release_date": "2025-12-02T15:17:18+00:00",
"revision_history": [
{
"date": "2025-12-02T15:17:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-02T15:17:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:43:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift distributed tracing 3.8.1",
"product": {
"name": "Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift distributed tracing"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-operator-bundle@sha256%3Af25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764256409"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3A4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764037013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3A444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3Ac9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Afe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3Abc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b?arch=amd64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035468"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Abfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764037013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3Aa07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3A6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3A552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3A599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282?arch=arm64\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035468"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3A37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764037013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3A502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3Af2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3A7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3Ae099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035468"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-rhel8@sha256%3Ab6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764037013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-jaeger-query-rhel8@sha256%3A61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-gateway-opa-rhel8@sha256%3A5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035458"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8-operator@sha256%3A50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-query-rhel8@sha256%3A72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x",
"product": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x",
"product_id": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x",
"product_identification_helper": {
"purl": "pkg:oci/tempo-rhel8@sha256%3Af85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337?arch=s390x\u0026repository_url=registry.redhat.io/rhosdt\u0026tag=rhosdt-3.8-1764035468"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64 as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x as a component of Red Hat OpenShift distributed tracing 3.8.1",
"product_id": "Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x"
},
"product_reference": "registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x",
"relates_to_product_reference": "Red Hat OpenShift distributed tracing 3.8.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-02T15:17:18+00:00",
"details": "For details on how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/operators/administrator-tasks#olm-upgrading-operators",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22618"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:1a5d2d0363f67da79ed163a0334990ed47100fa9b27d0f5d6de175fd6eb262be_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:5107fb97217a19d35af9ae48321a2918c3d5d58d2a3c808f41e13629fb4a2e3c_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:7e88f13d47a76ef1b0f89c3bd2981859dab54eed90d1b08eebc2d1b441c4732f_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-opa-rhel8@sha256:c9b2fac8e6b2aedf98c6bd9e9726da9be1e044927af270e89b1600df565fb11e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:37e1131356229c7504b0eae1a3437e62473ad55b88b6431d874cc8ddf51cc560_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:4529a7f8d3a2d20264bcb9d9526589bd214bb9ef84b34398f5d4fe7947937ed9_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:b6903cc63acf9c8e145f873ac488214e48e30fd18b4711defdc7a3229e6b3443_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-gateway-rhel8@sha256:bfad7dc8e021a84fa4eb2ada9ab7809b64128ed2c0484ebd6df318af82ee5470_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:444e9e52db4c660e9c5bced414f5d1816ad205fe5a4938e06cd23860b0884b5e_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:502566f41879e7626d373e444cf07d52f977675e119499475726a5ad9e33f200_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:61f205274bcf96035a74da4a2cbc96e5289c2d1612c700ba2b2043fa200b0655_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-jaeger-query-rhel8@sha256:a07f56bd28e696c6af8ca062174d5031dc323cb5e662fd024370851ad44cc6a4_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-operator-bundle@sha256:f25a68576e0f207084864219afd15e6545e4942671cf52703cb97d1c37cc29da_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:552768ac844b3316e67d7381660d22732e769e0eb22ad6efe314cebabe81d918_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:72ac6c689f71dbb3537e845eee6eacee9f7abbdcfeacf3cfa3607f94a9f98727_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:7577cb7b725bbdcefecdc9ba870dc037d164fe19627da7d9cb5090b4c2feb224_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-query-rhel8@sha256:bc5f5d3a19a27c37f64c71525da603e522f746bb57aeb7d3992d37d707fd2cb8_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:50f96688b8fc7790ef0de9c0d002f9f93ae9f9037c4140de39f351ae951a44d7_s390x",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:6ac7f273df243f2881dfdbe9b2f6e0f8ae64436fc7a63874e1f294a29e10740c_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:f2bb0106b8e8869a1546820e83f2f4c17aec424b8be6c4a85227b6c1787b0494_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8-operator@sha256:fe2a78e4f8e0430fff5e2a53be8c16b13a54441ed562c8549d8e1c6d0f8865ab_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:4de4c5b2d5b1f4b4825b8f463b3c2173db026b725dc80130a4b0578158a5e96b_amd64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:599055e5a940dd634351e1d80a0d11536d0a9941c0e5ff3ecf19158949991282_arm64",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:e099fc80213ed933479a8ec05517b2571167d174217084386d9cc4b710bffd7c_ppc64le",
"Red Hat OpenShift distributed tracing 3.8.1:registry.redhat.io/rhosdt/tempo-rhel8@sha256:f85e8bfdd18332d244fba78e3a848df5beae3695b88c866555f8dbfdfad8c337_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23227
Vulnerability from csaf_redhat - Published: 2025-12-16 00:01 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Notes
Topic
A new version of Red Hat build of Ceph Storage has been released
Details
The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23227",
"url": "https://access.redhat.com/errata/RHSA-2025:23227"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-4598",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9714",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23227.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-01-13T22:44:12+00:00",
"generator": {
"date": "2026-01-13T22:44:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23227",
"initial_release_date": "2025-12-16T00:01:44+00:00",
"revision_history": [
{
"date": "2025-12-16T00:01:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-16T00:01:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 8",
"product": {
"name": "Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d?arch=s390x\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ad0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ac484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Ab09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18?arch=amd64\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Aac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Acec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ae2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Ac95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d?arch=arm64\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ad69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aa5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Acbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Aa05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2025-05-29T19:04:54.578000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369242"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw was rated as having a severity of Moderate due to the complexity to exploit this flaw. The attacker needs to setup a way to win the race condition and have an unprivileged local account to successfully exploit this vulnerability.\n\nBy default Red Hat Enterprise Linux 8 doesn\u0027t allow systemd-coredump to create dumps of SUID programs as the /proc/sys/fs/suid_dumpable is set to 0, disabling by default this capability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-364: Signal Handler Race Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat enforces least functionality by enabling only essential features, services, and ports to reduce the system\u2019s attack surface. Static code analysis, peer reviews, and strong input validation detect unsafe input that could influence execution timing or path resolution. Real-time threat detection, including IPS/IDS, antimalware, and continuous monitoring, supports rapid identification of exploitation attempts. Process isolation and Kubernetes orchestration minimize the risk of concurrent execution conflicts and contain potential impacts. Executable search paths are limited to trusted, explicitly defined directories, reducing the risk of executing malicious files. Additionally, signal handling is implemented using secure development practices that mitigate asynchronous execution risks, and workloads run in environments that abstract direct signal management.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-4598"
},
{
"category": "external",
"summary": "RHBZ#2369242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4598"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/05/29/3",
"url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
}
],
"release_date": "2025-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T00:01:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23227"
},
{
"category": "workaround",
"details": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump"
},
{
"cve": "CVE-2025-9714",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2025-09-02T13:03:56.452000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392605"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libxstl/libxml2. The \u0027exsltDynMapFunction\u0027 function in libexslt/dynamic.c does not contain a recursion depth check, which may cause an infinite loop via a specially crafted XSLT document while handling \u0027dyn:map()\u0027, leading to stack exhaustion and a local denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "No evidence was found for arbitrary memory corruption through this flaw, limiting its impact to Availability only, and reducing its severity to Moderate.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-606: Unchecked Input for Loop Condition vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls are in place, which ensure that any input controlling loop behavior is validated against strict criteria like type, length, and range before being processed. This prevents malicious or abnormal inputs from causing excessive or infinite iterations, thereby avoiding logic errors or system overloads. Memory protection controls such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) protect the system\u2019s memory from overuse or corruption if an unchecked input were to cause a loop to execute excessively. It ensures that memory is safely allocated and accessed, reducing the risks of buffer overflows, resource exhaustion, or crashes. Lastly, the implementation of security engineering principles dictates the use of secure coding practices, such as input validation, loop iteration limits, and error handling, are integrated during system design and development.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9714"
},
{
"category": "external",
"summary": "RHBZ#2392605",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392605"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9714"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21",
"url": "https://gitlab.gnome.org/GNOME/libxml2/-/commit/677a42645ef22b5a50741bad5facf9d8a8bc6d21"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148",
"url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/148"
}
],
"release_date": "2025-09-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T00:01:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23227"
},
{
"category": "workaround",
"details": "The impact of this flaw may be reduced by setting strict resource limits to the stack size of processes at the operational system level. This can be achieved either through the \u0027ulimit\u0027 shell built-in or the \u0027limits.conf\u0027 file.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T00:01:44+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23227"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:79e38083033e50288fb6dd6ecca312217f0876b50d8131c7c4c77ecc647bb4af_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:ac21a72147ce641191ac615abc8961e7df3055c99a44fabeb41da2934df19c01_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d0c3f7c75a0ebda0ce2955a0c309e3dd55384008eb0bf4bc003cab0277109116_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:d69c42d3d38233336baff3ba13df429d68ac6a3a17ba1f4a170e2d1188c2e713_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:02292547622e11d0c94aca81752cc42129f8083cc2ae6e11ade8d1a5d604f278_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:8745e83f9a273994364c65a2ab6082ab61a80af05c4e1c53d23e8733126ff93b_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:a5d8d89e337645107c9b417ebf2d53424f3c2a0d5815f28ad417c1956e50a4da_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:cec72610bc57414cba82f7089059af4408d7c51022c15bd0214e03a1c313e950_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:6e64e0e65a871117cff35f0eba405b311ac1d6ec3ccc2621d61d3811a873e0b4_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:a05f9ecd070a8a1ac7c8ba56d5551642f81d275f54f0af45e0ecb6e46103d4f8_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:b09eb0a1d99e655de562919ded095bbb5dc65961e341a54ea59ad99b55ca9b1b_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c95ae228c11ea94b9c111d80df530af10f4a0d9198ccdf03b3685b9413b96fa8_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:3fec552f78ea9f55542c03b2f33c6570fb8c5797c3e451e094a8c738fd36b770_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:406c4983912bdf9bc780d331e769dd8ee0257905ac2fd172483d930852a4a5ae_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7351e8e9218e7b8f6e8d650d2ff67c47973c8ee5f9b517aa8c11b6d0e15fe4b7_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:7e430d1c3a06d91113969a5e7bc9c0fd1f988a7cd5e1c3c1e71914487ecb3843_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6d85a2952b9cb9f7ff6da582e52fd04956be649e635f5ebd3d4237ce113693e5_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c484d4cbc9e5f07741a8db0f99c339e9179bf2e9a0bb9c923c91dcad39fc45d7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:cbe4b44f0d233c50d0ce1521930904da6a69544515892fd127bec07fc880d0d3_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:e2c2f26eac8dcfe65708cdef57188787a068ca5d40941ed1a3efef2ccd0ca8be_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:0ec530e79c8620d187afcbeac1ecf3780f3322c9b7500d0ab4d27f1df6b9ed18_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:1355bc1d05962b49c060ab216ef71e8576a85748aa0847980a9e22d3a8124dea_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:32c461ce7fc4516c540a53a2f551ae6fa2eccfebac5ce24f478dba6777fb913d_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:9ff3fcb6301eee1f3d21573d10521983f90e83535f46e217fce43c937fa8bf1d_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23079
Vulnerability from csaf_redhat - Published: 2025-12-10 18:25 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (ROCm)
Notes
Topic
Red Hat AI Inference Server 3.2.2 (ROCm) is now available.
Details
Red Hat® AI Inference Server
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.2 (ROCm) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23079",
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23079.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (ROCm)",
"tracking": {
"current_release_date": "2026-01-14T10:18:01+00:00",
"generator": {
"date": "2026-01-14T10:18:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23079",
"initial_release_date": "2025-12-10T18:25:33+00:00",
"revision_history": [
{
"date": "2025-12-10T18:25:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-10T18:25:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-rocm-rhel9@sha256%3A7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.2-1765379049"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-125: Out-of-bounds Read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe use of baseline configurations, change control, and configuration settings within the platform enforces secure system configurations, patch management, and proper runtime settings, which helps prevent the introduction of memory handling issues through insecure defaults, unpatched components, and misconfigurations. Specifically, the use of process isolation and memory protection ensures memory integrity by isolating processes and enforcing memory protection mechanisms that limit an attacker\u0027s ability to exploit or read memory. System monitoring controls provide an additional layer of protection in the detection of anomalous behavior and unauthorized memory-related access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string \"Mozilla\" as a defense mechanism. This defense is insufficient as the fetch specification allows the User-Agent header to be modified. Combined with a DNS rebinding attack against the browser, and this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website, or is served a malicious advertisement (malvertising). This issue has been patched in version 2.52.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial\u2011of\u2011service for endpoints serving files (e.g., StaticFiles or any use of FileResponse). This vulnerability is fixed in 0.49.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:25:33+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23079",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-rocm-rhel9@sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
}
]
}
RHSA-2025:23550
Vulnerability from csaf_redhat - Published: 2025-12-17 20:50 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: RHSA 4.8.7 security and bug fix update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details
See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23550",
"url": "https://access.redhat.com/errata/RHSA-2025:23550"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-487_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-487_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23550.json"
}
],
"title": "Red Hat Security Advisory: RHSA 4.8.7 security and bug fix update",
"tracking": {
"current_release_date": "2026-01-13T22:44:07+00:00",
"generator": {
"date": "2026-01-13T22:44:07+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23550",
"initial_release_date": "2025-12-17T20:50:30+00:00",
"revision_history": [
{
"date": "2025-12-17T20:50:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-17T20:50:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:07+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aa269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ac3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Afc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Abd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ad27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ae3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ab083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3A24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Adb4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Aca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ab72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T20:50:30+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23550"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:01afee5bfa92b8c5220b33f1610b8ae6c7611a802e43904c42014c9eda0c5586_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:33f3717c6f55ae602bf05c7f369082fc26f5948965659b945cc4b58d21346f6a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:45a6429f750545190f0ccf20398402b45e9f1b6c58da928a3646c6b8bf953b61_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:978b887e3c156ccac9c88c6e7faf6dc3c8f4add830e136305728bb8ad9412183_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:167aba25291e12b7b35098c72f48d81243c0388e12435b600516b8301f9414d9_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5357318c90aeb742442e2db7cbc2877a784b5d70b587b69dfad1eb327f553900_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:7ad736268d5717923de2308f8ee8b6a492d54ace29dea6654b15b19b5e72cc10_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:bd8e764d37d7f0ff5e637bbf7d56572eb1f560d82767593774cd10b84d1ddd93_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:311585facdfee155f466002f3ab4a804555f18cb34ce4eaa291f49ff8b117bb4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:899e6c4761d0c70e04629f73e9e5b7ee03b1f8cb05580ffc32116e522b278039_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:b083c3f0682749eb4d9218e27440c48ddb3553d0b0c5e596aa00f4623d3a1230_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:ca54cda9c9dc5057bf358d8726da096536693699d7afe35894771ded1e8344fc_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:24481e3ee1dab49893e7f5891e97e3287ec6f35105b6e927ce0acc7da24a6982_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:7f628638e169ff2c041d52a6d99387ca6e7d0829861c963a5a31c5e60c90af4f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:8db769981b2fecc5f079f4ab106d62b9cbf92f112f75119bd7508acaec8952e7_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9e9abaf0df077ca0d0f7ed49423f42dfa9fa591ac2aff0eb7ff4e5895fc91aa7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c08e5f2f4d01dd3c75f65cc731e12658a4d1e17d6b3113ce1dc2ae5799852705_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:663b633499c8230fb47d4e8c0094403edc8b9c7b74aea5d56fe84bb18a1500c4_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:6c17ff5115ebe1206681f282c6cf32dfe5f94db8a2ab779512a8e09553a8b92b_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:798b8dd5a606592f6a3b5a3446ca88232c6450619db8d0c83af2f1fa827791bc_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b72a08265a5f91bff282d2cbcb7f2deea0f6dc4d929cb52b1d07476e431be150_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:1b6d931578d1e5e82e305e62a8328278b8292d63ef70a88b436fae6c171905b5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:5ebb6a165c63a0f72a6fcc01c247a5597fd87bd87ce7d2b20745240a1da7b7fb_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:8470fd7f948c8195ec63ebf39e9589ceecb6b5cdf8b71f786cb32f602c8a1eef_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4be4eefce4730e4435bfd1abe06c8582e19d8e638b30234baaff30800e5443_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c0992ea41ed0e01478199af484e921d472a1b1e34e09fe4ae7faa6009f0318e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:418a951de9a504a26ff31ef7f267cc6af7574a75de21d704cf1693d15c307e58_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:9acf24325543bd8570f410a120450b71fe64ff769a6f8e387ff95bd1022856dd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:a269cd0991720451bde21df2a4c9186acc971b76ea9b07863e5919a8522d606a_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:10b596212408e9e8304a39069ed23e4c1c9217c549a3974197847c7855c4e253_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:7aa506c702445f4a3b69566ee299d5a943d3b9991a4a23c6961ed4e42690af3b_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:81901a90ba59fe931cf0223d8cad5e5d1d970151d3a59493ca724d59e9e6493b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:976ad47ea4c9cf62e17b59256fedf7f32ec779ae808262c0e1e1a7779705f083_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:25c12ba6503e762b1310b02c8b2b28f6963b01f4c26dc4553fcadcf046234de0_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8c3b996bfda0c74b39b1f134a7a62c3286e033bc4ecb4d11ff910231986472ac_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c3ba85a02158d1390946b2f1170faeba8cc1e21bcf00def01cd1dceffe459dab_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d27ce90fd808d98e64b05043e50350437bed84d075db1c3ea3d23475613b78d6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:103b45a6d4032d2f2aad80f200093870415741a94e45969af5cb9ac74b9d90fb_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4dba7b25b2129a6d448e5dc27a669b2ad963bc5efadff3fac73f583afcc717b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4ef9767e1c7d6f790adc8440ea76510c7654bffa490399445c98eeaf140a758f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc61f8f1c43661c4861c451a14ea801af7fee7789cc42a454221bfbc06b12528_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:416bcfa0abc17b80b446461a1a7279531f8d2e0961112eed3746c2defcefc862_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:9f5d9350bb2cc0e84928860b021f769df3047f3eb9c8dc870af7ecf6af991496_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c502c6976b2a3bb72a08bc5a15e534dbb02dd792f05b2081d74cf4dca85cf37e_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e3ebd256fdda682e6f9145d88bf425b47dcef5c9aff49667fc80aa4468603319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:19403
Vulnerability from csaf_redhat - Published: 2025-11-03 02:00 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19403",
"url": "https://access.redhat.com/errata/RHSA-2025:19403"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19403.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:44:16+00:00",
"generator": {
"date": "2026-01-13T22:44:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:19403",
"initial_release_date": "2025-11-03T02:00:12+00:00",
"revision_history": [
{
"date": "2025-11-03T02:00:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-03T02:00:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_0.3.src",
"product": {
"name": "expat-0:2.7.1-1.el10_0.3.src",
"product_id": "expat-0:2.7.1-1.el10_0.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_0.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_0.3.aarch64",
"product": {
"name": "expat-0:2.7.1-1.el10_0.3.aarch64",
"product_id": "expat-0:2.7.1-1.el10_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"product_id": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_0.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"product_id": "expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_0.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_0.3.ppc64le",
"product": {
"name": "expat-0:2.7.1-1.el10_0.3.ppc64le",
"product_id": "expat-0:2.7.1-1.el10_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"product_id": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_0.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"product_id": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_0.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_0.3.x86_64",
"product": {
"name": "expat-0:2.7.1-1.el10_0.3.x86_64",
"product_id": "expat-0:2.7.1-1.el10_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"product_id": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_0.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"product_id": "expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_0.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.7.1-1.el10_0.3.s390x",
"product": {
"name": "expat-0:2.7.1-1.el10_0.3.s390x",
"product_id": "expat-0:2.7.1-1.el10_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.7.1-1.el10_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"product": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"product_id": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.7.1-1.el10_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"product": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"product_id": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.7.1-1.el10_0.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.7.1-1.el10_0.3.s390x",
"product": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.s390x",
"product_id": "expat-devel-0:2.7.1-1.el10_0.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.7.1-1.el10_0.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.src"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.src",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.src"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.src",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.7.1-1.el10_0.3.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64"
},
"product_reference": "expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-03T02:00:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19403"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"AppStream-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"AppStream-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.src",
"BaseOS-10.0.Z:expat-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debuginfo-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-debugsource-0:2.7.1-1.el10_0.3.x86_64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.aarch64",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.ppc64le",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.s390x",
"BaseOS-10.0.Z:expat-devel-0:2.7.1-1.el10_0.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22607
Vulnerability from csaf_redhat - Published: 2025-12-02 14:22 - Updated: 2026-01-13 22:40Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: internal entity expansion (CVE-2013-0340)
* expat: integer overflow in the doProlog function (CVE-2022-23990)
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: internal entity expansion (CVE-2013-0340)\n\n* expat: integer overflow in the doProlog function (CVE-2022-23990)\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22607",
"url": "https://access.redhat.com/errata/RHSA-2025:22607"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22607.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:40:19+00:00",
"generator": {
"date": "2026-01-13T22:40:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22607",
"initial_release_date": "2025-12-02T14:22:18+00:00",
"revision_history": [
{
"date": "2025-12-02T14:22:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-02T14:22:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:40:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_8.src",
"product": {
"name": "expat-0:2.2.10-1.el8_8.src",
"product_id": "expat-0:2.2.10-1.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_8.ppc64le",
"product": {
"name": "expat-0:2.2.10-1.el8_8.ppc64le",
"product_id": "expat-0:2.2.10-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_8.ppc64le",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_8.ppc64le",
"product_id": "expat-devel-0:2.2.10-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"product_id": "expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_8.i686",
"product": {
"name": "expat-0:2.2.10-1.el8_8.i686",
"product_id": "expat-0:2.2.10-1.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_8.i686",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_8.i686",
"product_id": "expat-devel-0:2.2.10-1.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_8.i686",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.i686",
"product_id": "expat-debugsource-0:2.2.10-1.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_8.i686",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.i686",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_8?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_8.x86_64",
"product": {
"name": "expat-0:2.2.10-1.el8_8.x86_64",
"product_id": "expat-0:2.2.10-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_8.x86_64",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_8.x86_64",
"product_id": "expat-devel-0:2.2.10-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"product_id": "expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le"
},
"product_reference": "expat-0:2.2.10-1.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src"
},
"product_reference": "expat-0:2.2.10-1.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_8.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_8.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src"
},
"product_reference": "expat-0:2.2.10-1.el8_8.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_8.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_8.i686",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_8.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_8.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"discovery_date": "2013-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000109"
}
],
"notes": [
{
"category": "description",
"text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: internal entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"known_not_affected": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "RHBZ#1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340"
}
],
"release_date": "2013-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-02T14:22:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22607"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: internal entity expansion"
},
{
"cve": "CVE-2022-23990",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2048356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: integer overflow in the doProlog function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security marked this flaw as Moderate Impact because the vulnerability includes a flaw that is present in a program\u2019s source code but to which no current or theoretically possible, but unproven, exploitation vectors exist or were found during the technical analysis of the flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"known_not_affected": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23990"
},
{
"category": "external",
"summary": "RHBZ#2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-02T14:22:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22607"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: integer overflow in the doProlog function"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"known_not_affected": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-02T14:22:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22607"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"known_not_affected": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-02T14:22:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22607"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.E4S:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.ppc64le",
"BaseOS-8.8.0.Z.E4S:expat-devel-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.src",
"BaseOS-8.8.0.Z.TUS:expat-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_8.x86_64",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.i686",
"BaseOS-8.8.0.Z.TUS:expat-devel-0:2.2.10-1.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2026:0077
Vulnerability from csaf_redhat - Published: 2026-01-05 18:07 - Updated: 2026-01-13 22:15Summary
Red Hat Security Advisory: spice-client-win security update
Notes
Topic
An update for spice-client-win is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Spice client MSI installers for Windows clients
Security Fix(es):
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)
* libtiff: Libtiff Write-What-Where (CVE-2025-9900)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for spice-client-win is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Spice client MSI installers for Windows clients\n\nSecurity Fix(es):\n\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n\n* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)\n\n* libtiff: Libtiff Write-What-Where (CVE-2025-9900)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0077",
"url": "https://access.redhat.com/errata/RHSA-2026:0077"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0077.json"
}
],
"title": "Red Hat Security Advisory: spice-client-win security update",
"tracking": {
"current_release_date": "2026-01-13T22:15:00+00:00",
"generator": {
"date": "2026-01-13T22:15:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0077",
"initial_release_date": "2026-01-05T18:07:35+00:00",
"revision_history": [
{
"date": "2026-01-05T18:07:35+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-05T18:07:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:15:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-0:8.10-3.el8_4.1.src",
"product": {
"name": "spice-client-win-0:8.10-3.el8_4.1.src",
"product_id": "spice-client-win-0:8.10-3.el8_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win@8.10-3.el8_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"product": {
"name": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"product_id": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x64@8.10-3.el8_4.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"product": {
"name": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"product_id": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x86@8.10-3.el8_4.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_4.1.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_4.1.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch as a component of Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"product_id": "AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_4.1.src as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_4.1.src",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch as a component of Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"product_id": "AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"relates_to_product_reference": "AppStream-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:07:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:07:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:07:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0077"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:07:35+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0077"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.Z.AUS:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-0:8.10-3.el8_4.1.src",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x64-0:8.10-3.el8_4.1.noarch",
"AppStream-8.4.0.Z.EUS.EXTENSION:spice-client-win-x86-0:8.10-3.el8_4.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22785
Vulnerability from csaf_redhat - Published: 2025-12-04 23:12 - Updated: 2026-01-13 22:12Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: internal entity expansion (CVE-2013-0340)
* expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960)
* expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)
* expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)
* expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)
* expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)
* expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)
* expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)
* expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)
* expat: integer overflow in the doProlog function (CVE-2022-23990)
* expat: Stack exhaustion in doctype parsing (CVE-2022-25313)
* expat: Integer overflow in copyString() (CVE-2022-25314)
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: internal entity expansion (CVE-2013-0340)\n\n* expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960)\n\n* expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)\n\n* expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)\n\n* expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)\n\n* expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)\n\n* expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)\n\n* expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)\n\n* expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)\n\n* expat: integer overflow in the doProlog function (CVE-2022-23990)\n\n* expat: Stack exhaustion in doctype parsing (CVE-2022-25313)\n\n* expat: Integer overflow in copyString() (CVE-2022-25314)\n\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n\n* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22785",
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "2044451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044451"
},
{
"category": "external",
"summary": "2044455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044455"
},
{
"category": "external",
"summary": "2044457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044457"
},
{
"category": "external",
"summary": "2044464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044464"
},
{
"category": "external",
"summary": "2044467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044467"
},
{
"category": "external",
"summary": "2044479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044479"
},
{
"category": "external",
"summary": "2044484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044484"
},
{
"category": "external",
"summary": "2044488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044488"
},
{
"category": "external",
"summary": "2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "2056350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056350"
},
{
"category": "external",
"summary": "2056354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056354"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "2262877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262877"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22785.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:12:28+00:00",
"generator": {
"date": "2026-01-13T22:12:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22785",
"initial_release_date": "2025-12-04T23:12:47+00:00",
"revision_history": [
{
"date": "2025-12-04T23:12:47+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-04T23:12:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:12:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.4::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_4.src",
"product": {
"name": "expat-0:2.2.10-1.el8_4.src",
"product_id": "expat-0:2.2.10-1.el8_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_4.i686",
"product": {
"name": "expat-0:2.2.10-1.el8_4.i686",
"product_id": "expat-0:2.2.10-1.el8_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_4.i686",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_4.i686",
"product_id": "expat-devel-0:2.2.10-1.el8_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_4.i686",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_4.i686",
"product_id": "expat-debugsource-0:2.2.10-1.el8_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_4.i686",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_4.i686",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_4.x86_64",
"product": {
"name": "expat-0:2.2.10-1.el8_4.x86_64",
"product_id": "expat-0:2.2.10-1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_4.x86_64",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_4.x86_64",
"product_id": "expat-devel-0:2.2.10-1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"product_id": "expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src"
},
"product_reference": "expat-0:2.2.10-1.el8_4.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src"
},
"product_reference": "expat-0:2.2.10-1.el8_4.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_4.i686 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_4.i686",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_4.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"discovery_date": "2013-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000109"
}
],
"notes": [
{
"category": "description",
"text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: internal entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "RHBZ#1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340"
}
],
"release_date": "2013-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: internal entity expansion"
},
{
"cve": "CVE-2021-45960",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2022-01-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044451"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Large number of prefixed XML attributes on a single tag can crash libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this CVE based on the configurations of a default install in the context of SELinux enforcement and services run as non privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45960"
},
{
"category": "external",
"summary": "RHBZ#2044451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45960"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/531",
"url": "https://github.com/libexpat/libexpat/issues/531"
}
],
"release_date": "2022-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Large number of prefixed XML attributes on a single tag can crash libexpat"
},
{
"cve": "CVE-2021-46143",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044455"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in doProlog in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-46143"
},
{
"category": "external",
"summary": "RHBZ#2044455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-46143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46143"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/532",
"url": "https://github.com/libexpat/libexpat/issues/532"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in doProlog in xmlparse.c"
},
{
"cve": "CVE-2022-22822",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044457"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in addBinding in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an important rather than a critical vulnerability due to its practical limitations. The flaw arises from unsafe left-shift operations in storeAtts() within libexpat, which, under extreme conditions (e.g., over 2\u003csup\u003e29\u003c/sup\u003e prefixed attributes), can lead to undefined behavior, memory mismanagement, and denial-of-service (DoS). However, exploitation requires specially crafted XML payloads several gigabytes in size (~6.5 GiB), which makes remote exploitation unlikely in real-world environments due to common upload limits and resource constraints. There is no evidence of arbitrary code execution, memory corruption leading to privilege escalation, or data leaks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22822"
},
{
"category": "external",
"summary": "RHBZ#2044457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22822"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: Integer overflow in addBinding in xmlparse.c"
},
{
"cve": "CVE-2022-22823",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044464"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in build_model in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an important rather than a critical vulnerability due to its practical limitations. The flaw arises from unsafe left-shift operations in storeAtts() within libexpat, which, under extreme conditions (e.g., over 2\u003csup\u003e29\u003c/sup\u003e prefixed attributes), can lead to undefined behavior, memory mismanagement, and denial-of-service (DoS). However, exploitation requires specially crafted XML payloads several gigabytes in size (~6.5 GiB), which makes remote exploitation unlikely in real-world environments due to common upload limits and resource constraints. There is no evidence of arbitrary code execution, memory corruption leading to privilege escalation, or data leaks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22823"
},
{
"category": "external",
"summary": "RHBZ#2044464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22823"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: Integer overflow in build_model in xmlparse.c"
},
{
"cve": "CVE-2022-22824",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044467"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in defineAttribute in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an important rather than a critical vulnerability due to its practical limitations. The flaw arises from unsafe left-shift operations in storeAtts() within libexpat, which, under extreme conditions (e.g., over 2\u003csup\u003e29\u003c/sup\u003e prefixed attributes), can lead to undefined behavior, memory mismanagement, and denial-of-service (DoS). However, exploitation requires specially crafted XML payloads several gigabytes in size (~6.5 GiB), which makes remote exploitation unlikely in real-world environments due to common upload limits and resource constraints. There is no evidence of arbitrary code execution, memory corruption leading to privilege escalation, or data leaks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22824"
},
{
"category": "external",
"summary": "RHBZ#2044467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22824"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: Integer overflow in defineAttribute in xmlparse.c"
},
{
"cve": "CVE-2022-22825",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044479"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in lookup in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22825"
},
{
"category": "external",
"summary": "RHBZ#2044479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22825",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22825"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in lookup in xmlparse.c"
},
{
"cve": "CVE-2022-22826",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044484"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in nextScaffoldPart in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22826"
},
{
"category": "external",
"summary": "RHBZ#2044484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22826"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in nextScaffoldPart in xmlparse.c"
},
{
"cve": "CVE-2022-22827",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044488"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in storeAtts in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22827"
},
{
"category": "external",
"summary": "RHBZ#2044488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22827",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22827"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in storeAtts in xmlparse.c"
},
{
"cve": "CVE-2022-23990",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2048356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: integer overflow in the doProlog function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security marked this flaw as Moderate Impact because the vulnerability includes a flaw that is present in a program\u2019s source code but to which no current or theoretically possible, but unproven, exploitation vectors exist or were found during the technical analysis of the flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23990"
},
{
"category": "external",
"summary": "RHBZ#2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: integer overflow in the doProlog function"
},
{
"cve": "CVE-2022-25313",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056350"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Stack exhaustion in doctype parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects applications that leverage expat to parse untrusted XML files. Applications which only parse trusted XML files or do not process XML files at all are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25313"
},
{
"category": "external",
"summary": "RHBZ#2056350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25313",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25313"
},
{
"category": "external",
"summary": "https://blog.hartwork.org/posts/expat-2-4-5-released/",
"url": "https://blog.hartwork.org/posts/expat-2-4-5-released/"
}
],
"release_date": "2022-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "workaround",
"details": "There is no known mitigation other than restricting applications using the expat library from processing untrusted XML content.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Stack exhaustion in doctype parsing"
},
{
"cve": "CVE-2022-25314",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056354"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in copyString()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a severity of Moderate. The encoding name parameter is often hard-coded (rather than user input) and it would take a value in the gigabytes for the name to trigger this issue. The versions of `expat` as shipped with Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include the vulnerable copyString() function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25314"
},
{
"category": "external",
"summary": "RHBZ#2056354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25314",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25314"
},
{
"category": "external",
"summary": "https://blog.hartwork.org/posts/expat-2-4-5-released/",
"url": "https://blog.hartwork.org/posts/expat-2-4-5-released/"
}
],
"release_date": "2022-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "workaround",
"details": "There is no known mitigation other than restricting applications using the expat library from processing untrusted XML content.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in copyString()"
},
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2262877"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expat (libexpat). When parsing a large token that requires multiple buffer fills to complete, Expat has to re-parse the token from start numerous times. This process may trigger excessive resource consumption, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: parsing large tokens can trigger a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified flaw in Expat presents a moderate severity issue due to its potential to facilitate resource exhaustion attacks, particularly in scenarios involving parsing large tokens requiring multiple buffer fills. As Expat repeatedly re-parses such tokens from the beginning, it results in disproportionate resource consumption, leading to a denial-of-service (DoS) condition. While the impact is significant, the exploitation requires specific conditions, such as parsing large tokens, which may not always align with typical usage patterns.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "RHBZ#2262877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262877"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
}
],
"release_date": "2024-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: parsing large tokens can trigger a denial of service"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-04T23:12:47+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.AUS:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.AUS:expat-devel-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debuginfo-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-debugsource-0:2.2.10-1.el8_4.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.i686",
"BaseOS-8.4.0.Z.EUS.EXTENSION:expat-devel-0:2.2.10-1.el8_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22871
Vulnerability from csaf_redhat - Published: 2025-12-09 08:32 - Updated: 2026-01-13 22:36Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: internal entity expansion (CVE-2013-0340)
* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)
* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)
* expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960)
* expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)
* expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)
* expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)
* expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)
* expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)
* expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)
* expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)
* expat: integer overflow in the doProlog function (CVE-2022-23990)
* expat: Stack exhaustion in doctype parsing (CVE-2022-25313)
* expat: Integer overflow in copyString() (CVE-2022-25314)
* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)
* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: internal entity expansion (CVE-2013-0340)\n\n* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)\n\n* expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)\n\n* expat: Large number of prefixed XML attributes on a single tag can crash libexpat (CVE-2021-45960)\n\n* expat: Integer overflow in doProlog in xmlparse.c (CVE-2021-46143)\n\n* expat: Integer overflow in addBinding in xmlparse.c (CVE-2022-22822)\n\n* expat: Integer overflow in build_model in xmlparse.c (CVE-2022-22823)\n\n* expat: Integer overflow in defineAttribute in xmlparse.c (CVE-2022-22824)\n\n* expat: Integer overflow in lookup in xmlparse.c (CVE-2022-22825)\n\n* expat: Integer overflow in nextScaffoldPart in xmlparse.c (CVE-2022-22826)\n\n* expat: Integer overflow in storeAtts in xmlparse.c (CVE-2022-22827)\n\n* expat: integer overflow in the doProlog function (CVE-2022-23990)\n\n* expat: Stack exhaustion in doctype parsing (CVE-2022-25313)\n\n* expat: Integer overflow in copyString() (CVE-2022-25314)\n\n* expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate (CVE-2022-43680)\n\n* expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22871",
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "1723723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723"
},
{
"category": "external",
"summary": "1752592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592"
},
{
"category": "external",
"summary": "2044451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044451"
},
{
"category": "external",
"summary": "2044455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044455"
},
{
"category": "external",
"summary": "2044457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044457"
},
{
"category": "external",
"summary": "2044464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044464"
},
{
"category": "external",
"summary": "2044467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044467"
},
{
"category": "external",
"summary": "2044479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044479"
},
{
"category": "external",
"summary": "2044484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044484"
},
{
"category": "external",
"summary": "2044488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044488"
},
{
"category": "external",
"summary": "2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "2056350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056350"
},
{
"category": "external",
"summary": "2056354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056354"
},
{
"category": "external",
"summary": "2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "2262877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262877"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22871.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:36:01+00:00",
"generator": {
"date": "2026-01-13T22:36:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22871",
"initial_release_date": "2025-12-09T08:32:00+00:00",
"revision_history": [
{
"date": "2025-12-09T08:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-09T08:32:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:36:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_2.src",
"product": {
"name": "expat-0:2.2.10-1.el8_2.src",
"product_id": "expat-0:2.2.10-1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_2.i686",
"product": {
"name": "expat-0:2.2.10-1.el8_2.i686",
"product_id": "expat-0:2.2.10-1.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_2.i686",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_2.i686",
"product_id": "expat-devel-0:2.2.10-1.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_2.i686",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_2.i686",
"product_id": "expat-debugsource-0:2.2.10-1.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_2?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_2.i686",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_2.i686",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_2.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_2?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_2.x86_64",
"product": {
"name": "expat-0:2.2.10-1.el8_2.x86_64",
"product_id": "expat-0:2.2.10-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_2.x86_64",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_2.x86_64",
"product_id": "expat-devel-0:2.2.10-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"product_id": "expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src"
},
"product_reference": "expat-0:2.2.10-1.el8_2.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_2.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_2.i686",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_2.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"discovery_date": "2013-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000109"
}
],
"notes": [
{
"category": "description",
"text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: internal entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "RHBZ#1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340"
}
],
"release_date": "2013-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: internal entity expansion"
},
{
"cve": "CVE-2018-20843",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-06-24T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1723723"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the \"setElementTypePrefix()\" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "When processing a specially crafted XML file, expat may use more memory than ultimately necessary, which can also lead to increased CPU usage and longer processing times. Depending on available system resources and configuration, this may also lead to the application triggering the Out-Of-Memory-Killer, causing the application to be terminated.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-20843"
},
{
"category": "external",
"summary": "RHBZ#1723723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1723723"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-20843",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20843"
},
{
"category": "external",
"summary": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031"
}
],
"release_date": "2019-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS"
},
{
"cve": "CVE-2019-15903",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2019-09-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1752592"
}
],
"notes": [
{
"category": "description",
"text": "In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: heap-based buffer over-read via crafted XML input",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-15903"
},
{
"category": "external",
"summary": "RHBZ#1752592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-15903",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15903"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15903"
}
],
"release_date": "2019-09-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "expat: heap-based buffer over-read via crafted XML input"
},
{
"cve": "CVE-2021-45960",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2022-01-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044451"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Large number of prefixed XML attributes on a single tag can crash libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this CVE based on the configurations of a default install in the context of SELinux enforcement and services run as non privileged users.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-45960"
},
{
"category": "external",
"summary": "RHBZ#2044451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-45960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45960"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-45960",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45960"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/531",
"url": "https://github.com/libexpat/libexpat/issues/531"
}
],
"release_date": "2022-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Large number of prefixed XML attributes on a single tag can crash libexpat"
},
{
"cve": "CVE-2021-46143",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044455"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in doProlog in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-46143"
},
{
"category": "external",
"summary": "RHBZ#2044455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-46143",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46143"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-46143",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-46143"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/532",
"url": "https://github.com/libexpat/libexpat/issues/532"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in doProlog in xmlparse.c"
},
{
"cve": "CVE-2022-22822",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044457"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in addBinding in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an important rather than a critical vulnerability due to its practical limitations. The flaw arises from unsafe left-shift operations in storeAtts() within libexpat, which, under extreme conditions (e.g., over 2\u003csup\u003e29\u003c/sup\u003e prefixed attributes), can lead to undefined behavior, memory mismanagement, and denial-of-service (DoS). However, exploitation requires specially crafted XML payloads several gigabytes in size (~6.5 GiB), which makes remote exploitation unlikely in real-world environments due to common upload limits and resource constraints. There is no evidence of arbitrary code execution, memory corruption leading to privilege escalation, or data leaks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22822"
},
{
"category": "external",
"summary": "RHBZ#2044457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22822",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22822"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: Integer overflow in addBinding in xmlparse.c"
},
{
"cve": "CVE-2022-22823",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044464"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in build_model in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an important rather than a critical vulnerability due to its practical limitations. The flaw arises from unsafe left-shift operations in storeAtts() within libexpat, which, under extreme conditions (e.g., over 2\u003csup\u003e29\u003c/sup\u003e prefixed attributes), can lead to undefined behavior, memory mismanagement, and denial-of-service (DoS). However, exploitation requires specially crafted XML payloads several gigabytes in size (~6.5 GiB), which makes remote exploitation unlikely in real-world environments due to common upload limits and resource constraints. There is no evidence of arbitrary code execution, memory corruption leading to privilege escalation, or data leaks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22823"
},
{
"category": "external",
"summary": "RHBZ#2044464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22823"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: Integer overflow in build_model in xmlparse.c"
},
{
"cve": "CVE-2022-22824",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044467"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in defineAttribute in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an important rather than a critical vulnerability due to its practical limitations. The flaw arises from unsafe left-shift operations in storeAtts() within libexpat, which, under extreme conditions (e.g., over 2\u003csup\u003e29\u003c/sup\u003e prefixed attributes), can lead to undefined behavior, memory mismanagement, and denial-of-service (DoS). However, exploitation requires specially crafted XML payloads several gigabytes in size (~6.5 GiB), which makes remote exploitation unlikely in real-world environments due to common upload limits and resource constraints. There is no evidence of arbitrary code execution, memory corruption leading to privilege escalation, or data leaks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22824"
},
{
"category": "external",
"summary": "RHBZ#2044467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22824"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: Integer overflow in defineAttribute in xmlparse.c"
},
{
"cve": "CVE-2022-22825",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044479"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in lookup in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22825"
},
{
"category": "external",
"summary": "RHBZ#2044479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044479"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22825"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22825",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22825"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in lookup in xmlparse.c"
},
{
"cve": "CVE-2022-22826",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044484"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in nextScaffoldPart in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22826"
},
{
"category": "external",
"summary": "RHBZ#2044484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22826",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22826"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22826",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22826"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in nextScaffoldPart in xmlparse.c"
},
{
"cve": "CVE-2022-22827",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2044488"
}
],
"notes": [
{
"category": "description",
"text": "expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in storeAtts in xmlparse.c",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-22827"
},
{
"category": "external",
"summary": "RHBZ#2044488",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044488"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-22827",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22827"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-22827",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22827"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/539",
"url": "https://github.com/libexpat/libexpat/pull/539"
}
],
"release_date": "2022-01-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in storeAtts in xmlparse.c"
},
{
"cve": "CVE-2022-23990",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2048356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: integer overflow in the doProlog function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security marked this flaw as Moderate Impact because the vulnerability includes a flaw that is present in a program\u2019s source code but to which no current or theoretically possible, but unproven, exploitation vectors exist or were found during the technical analysis of the flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23990"
},
{
"category": "external",
"summary": "RHBZ#2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: integer overflow in the doProlog function"
},
{
"cve": "CVE-2022-25313",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056350"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. A stack exhaustion in doctype parsing could be triggered by a file with a large number of opening braces, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Stack exhaustion in doctype parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw affects applications that leverage expat to parse untrusted XML files. Applications which only parse trusted XML files or do not process XML files at all are not affected by this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25313"
},
{
"category": "external",
"summary": "RHBZ#2056350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25313",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25313"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25313",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25313"
},
{
"category": "external",
"summary": "https://blog.hartwork.org/posts/expat-2-4-5-released/",
"url": "https://blog.hartwork.org/posts/expat-2-4-5-released/"
}
],
"release_date": "2022-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "workaround",
"details": "There is no known mitigation other than restricting applications using the expat library from processing untrusted XML content.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Stack exhaustion in doctype parsing"
},
{
"cve": "CVE-2022-25314",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-02-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2056354"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow flaw was found in expat. This issue affects the encoding name parameter at the parser creation time, which is often hard-coded (rather than user input), takes a value in the gigabytes to trigger, and on a 64-bit machine. This flaw can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: Integer overflow in copyString()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has been rated as having a severity of Moderate. The encoding name parameter is often hard-coded (rather than user input) and it would take a value in the gigabytes for the name to trigger this issue. The versions of `expat` as shipped with Red Hat Enterprise Linux 6 and 7 are not affected by this flaw as they did not include the vulnerable copyString() function.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-25314"
},
{
"category": "external",
"summary": "RHBZ#2056354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-25314",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25314"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-25314",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25314"
},
{
"category": "external",
"summary": "https://blog.hartwork.org/posts/expat-2-4-5-released/",
"url": "https://blog.hartwork.org/posts/expat-2-4-5-released/"
}
],
"release_date": "2022-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "workaround",
"details": "There is no known mitigation other than restricting applications using the expat library from processing untrusted XML content.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: Integer overflow in copyString()"
},
{
"cve": "CVE-2022-43680",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2022-11-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2140059"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability can only happen under special (out-of-memory) conditions, thus it is not possible to exploit on every possible system that has expat installed. Additionally as the flaw is only capable of causing a Denial of Service, Red Hat rates the impact as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-43680"
},
{
"category": "external",
"summary": "RHBZ#2140059",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140059"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43680"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/649",
"url": "https://github.com/libexpat/libexpat/issues/649"
}
],
"release_date": "2022-10-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate"
},
{
"cve": "CVE-2023-52425",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-02-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2262877"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expat (libexpat). When parsing a large token that requires multiple buffer fills to complete, Expat has to re-parse the token from start numerous times. This process may trigger excessive resource consumption, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: parsing large tokens can trigger a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified flaw in Expat presents a moderate severity issue due to its potential to facilitate resource exhaustion attacks, particularly in scenarios involving parsing large tokens requiring multiple buffer fills. As Expat repeatedly re-parses such tokens from the beginning, it results in disproportionate resource consumption, leading to a denial-of-service (DoS) condition. While the impact is significant, the exploitation requires specific conditions, such as parsing large tokens, which may not always align with typical usage patterns.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "RHBZ#2262877",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262877"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52425"
}
],
"release_date": "2024-02-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: parsing large tokens can trigger a denial of service"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T08:32:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.src",
"BaseOS-8.2.0.Z.AUS:expat-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_2.x86_64",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.i686",
"BaseOS-8.2.0.Z.AUS:expat-devel-0:2.2.10-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23078
Vulnerability from csaf_redhat - Published: 2025-12-10 18:24 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)
Notes
Topic
Red Hat AI Inference Server 3.2.2 (CUDA) is now available.
Details
Red Hat® AI Inference Server
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server 3.2.2 (CUDA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23078",
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23078.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server 3.2.2 (CUDA)",
"tracking": {
"current_release_date": "2026-01-14T10:18:01+00:00",
"generator": {
"date": "2026-01-14T10:18:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23078",
"initial_release_date": "2025-12-10T18:24:36+00:00",
"revision_history": [
{
"date": "2025-12-10T18:24:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-10T18:24:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Abddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.2-1765379088"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64",
"product": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64",
"product_id": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vllm-cuda-rhel9@sha256%3Aec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab?arch=arm64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.2-1765379088"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
},
"product_reference": "registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-125: Out-of-bounds Read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe use of baseline configurations, change control, and configuration settings within the platform enforces secure system configurations, patch management, and proper runtime settings, which helps prevent the introduction of memory handling issues through insecure defaults, unpatched components, and misconfigurations. Specifically, the use of process isolation and memory protection ensures memory integrity by isolating processes and enforcing memory protection mechanisms that limit an attacker\u0027s ability to exploit or read memory. System monitoring controls provide an additional layer of protection in the detection of anomalous behavior and unauthorized memory-related access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string \"Mozilla\" as a defense mechanism. This defense is insufficient as the fetch specification allows the User-Agent header to be modified. Combined with a DNS rebinding attack against the browser, and this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website, or is served a malicious advertisement (malvertising). This issue has been patched in version 2.52.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial\u2011of\u2011service for endpoints serving files (e.g., StaticFiles or any use of FileResponse). This vulnerability is fixed in 0.49.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:24:36+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23078",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b_amd64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/vllm-cuda-rhel9@sha256:ec961e5acfde5c1ad0a7e0e2c86a0bf56b9bc46357fa124f9db6dff1006076ab_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
}
]
}
RHSA-2025:23080
Vulnerability from csaf_redhat - Published: 2025-12-10 18:26 - Updated: 2026-01-14 10:18Summary
Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA)
Notes
Topic
Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA) is now available.
Details
Red Hat® AI Inference Server Model Optimization Tools
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat\u00ae AI Inference Server Model Optimization Tools",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23080",
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-48022",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52355",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2023-52356",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-56433",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22868",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-22869",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52565",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-5318",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53905",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-53906",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59425",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6242",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62593",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62727",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66448",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8176",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9230",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9900",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://www.redhat.com/en/products/ai/inference-server",
"url": "https://www.redhat.com/en/products/ai/inference-server"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23080.json"
}
],
"title": "Red Hat Security Advisory: Red Hat AI Inference Server Model Optimization Tools 3.2.2 (CUDA)",
"tracking": {
"current_release_date": "2026-01-14T10:18:06+00:00",
"generator": {
"date": "2026-01-14T10:18:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:23080",
"initial_release_date": "2025-12-10T18:26:32+00:00",
"revision_history": [
{
"date": "2025-12-10T18:26:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-10T18:26:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-14T10:18:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat AI Inference Server 3.2",
"product": {
"name": "Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ai_inference_server:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat AI Inference Server"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64",
"product": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64",
"product_id": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/model-opt-cuda-rhel9@sha256%3Adce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b?arch=amd64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.2-1764871796"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"product": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"product_id": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/model-opt-cuda-rhel9@sha256%3A14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7?arch=arm64\u0026repository_url=registry.redhat.io/rhaiis\u0026tag=3.2.2-1764871796"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64"
},
"product_reference": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64 as a component of Red Hat AI Inference Server 3.2",
"product_id": "Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
},
"product_reference": "registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64",
"relates_to_product_reference": "Red Hat AI Inference Server 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-48022",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-08-07T17:35:20.588000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ray. The job submission API allows a remote attacker to execute arbitrary code due to insufficient input validation. An unauthenticated attacker can trigger this vulnerability by sending a malicious job submission request. Successful exploitation results in arbitrary code execution on the affected Ray cluster.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray Job Submission Arbitrary Code Execution",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-48022"
},
{
"category": "external",
"summary": "RHBZ#2387122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-48022",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48022"
}
],
"release_date": "2025-08-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray Job Submission Arbitrary Code Execution"
},
{
"cve": "CVE-2023-52355",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251326"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The identified out-of-memory vulnerability in libtiff, triggered by a crafted TIFF file passed to the TIFFRasterScanlineSize64() API, presents a moderate severity concern rather than a important one due to several factors. Primarily, the exploit requires the crafted input to be smaller than 379 KB, imposing a limitation on the potential impact and reducing the likelihood of successful exploitation in practical scenarios. Furthermore, the nature of the vulnerability is limited to denial-of-service attacks, which, although disruptive, do not inherently pose a direct risk of data compromise or system compromise. However, it\u0027s important to acknowledge that denial-of-service attacks can still have significant operational implications, particularly in environments reliant on continuous availability.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-787: Out-of-bounds Write vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings necessary for operational requirements. Baseline configurations and system controls ensure secure software settings, while least functionality reduces the attack surface by disabling unauthorized services and ports. The environment employs IPS/IDS and antimalware solutions to detect and prevent malicious code exploiting out-of-bounds write vulnerabilities, using mechanisms such as file integrity monitoring and patch management. Robust input validation and error handling ensure all user inputs are thoroughly validated, preventing instability, data exposure, or privilege escalation. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to strengthen resilience against out-of-bounds write exploits.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52355"
},
{
"category": "external",
"summary": "RHBZ#2251326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251326"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52355"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52355"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/621",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/621"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: TIFFRasterScanlineSize64 produce too-big size and could cause OOM"
},
{
"cve": "CVE-2023-52356",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2023-11-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2251344"
}
],
"notes": [
{
"category": "description",
"text": "A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw allows an attacker to potentially cause a denial of service attack by crashing a program, but the impact is minimal.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-52356"
},
{
"category": "external",
"summary": "RHBZ#2251344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-52356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52356"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52356"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/622",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/622"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/546"
}
],
"release_date": "2023-11-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service"
},
{
"cve": "CVE-2024-56433",
"cwe": {
"id": "CWE-1188",
"name": "Initialization of a Resource with an Insecure Default"
},
"discovery_date": "2024-12-26T09:00:54.065197+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2334165"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in shadow-utils. Affected versions of shadow-utils establish a default /etc/subuid behavior, for example, uid 100000 through 165535 for the first user account, that can conflict with the uids of users defined on locally administered networks. This issue potentially leads to account takeover by leveraging newuidmap for access to an NFS home directory or same-host resources for remote logins by these local network users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-56433"
},
{
"category": "external",
"summary": "RHBZ#2334165",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2334165"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56433"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241",
"url": "https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/issues/1157",
"url": "https://github.com/shadow-maint/shadow/issues/1157"
},
{
"category": "external",
"summary": "https://github.com/shadow-maint/shadow/releases/tag/4.4",
"url": "https://github.com/shadow-maint/shadow/releases/tag/4.4"
}
],
"release_date": "2024-12-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise"
},
{
"acknowledgments": [
{
"names": [
"Ronald Crane"
]
}
],
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-05-29T06:48:59.169000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2369131"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libssh: out-of-bounds read in sftp_handle()",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue requires an attacker with valid credentials to access a server, limiting the scope to legitimate users of the SFTP service. Due to this reason, this flaw has been rated with a Moderate severity.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-125: Out-of-bounds Read vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe use of baseline configurations, change control, and configuration settings within the platform enforces secure system configurations, patch management, and proper runtime settings, which helps prevent the introduction of memory handling issues through insecure defaults, unpatched components, and misconfigurations. Specifically, the use of process isolation and memory protection ensures memory integrity by isolating processes and enforcing memory protection mechanisms that limit an attacker\u0027s ability to exploit or read memory. System monitoring controls provide an additional layer of protection in the detection of anomalous behavior and unauthorized memory-related access.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-5318"
},
{
"category": "external",
"summary": "RHBZ#2369131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-5318"
},
{
"category": "external",
"summary": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt",
"url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
}
],
"release_date": "2025-06-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libssh: out-of-bounds read in sftp_handle()"
},
{
"cve": "CVE-2025-6242",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2025-06-18T15:26:47.633000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373716"
}
],
"notes": [
{
"category": "description",
"text": "A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project\u0027s multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Server Side request forgery (SSRF) in MediaConnector",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated as having the severity of Important by the Red Hat Product Security team as a successful exploitation by an attacker may lead to confidential data being leaked or a denial of service. Additionally the fact a unprivileged user can trigger this vulnerability through the network also contributes for the severity.\n\nThis vulnerability has its risk amplified on orchestrated environments as pods running the vLLM may eventually communicate with each other through internal cluster routing, including services that should not have been exposed to external networks. An attacker may leverage this flaw to interact with internal services, perform network reconnaissance or trigger a denial of service by leading other internal services to fail.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6242"
},
{
"category": "external",
"summary": "RHBZ#2373716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6242"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Server Side request forgery (SSRF) in MediaConnector"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-09-17T12:15:34.387000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396054"
}
],
"notes": [
{
"category": "description",
"text": "Issue summary: An application trying to decrypt CMS messages encrypted using\npassword based encryption can trigger an out-of-bounds read and write.\n\nImpact summary: This out-of-bounds read may trigger a crash which leads to\nDenial of Service for an application. The out-of-bounds write can cause\na memory corruption which can have various consequences including\na Denial of Service or Execution of attacker-supplied code.\n\nAlthough the consequences of a successful exploit of this vulnerability\ncould be severe, the probability that the attacker would be able to\nperform it is low. Besides, password based (PWRI) encryption support in CMS\nmessages is very rarely used. For that reason the issue was assessed as\nModerate severity according to our Security Policy.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the CMS implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability was rated as Moderate because, while the potential impact includes an application level denial of service and possible arbitrary code execution, successful exploitation is considered unlikely due to the high attack complexity and the fact that password-based CMS encryption (PWRI) is rarely used in real-world deployments.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-787: Out-of-bounds Write or a CWE-125: Out-of-bounds Read vulnerability, and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines and baseline configurations to ensure secure system and software settings, while least functionality reduces the attack surface by disabling unnecessary services and ports. Rigorous development practices, including static analysis, input validation, and error handling, detect and mitigate memory vulnerabilities before deployment. Process isolation and memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) preserve memory integrity by confining faults to individual workloads and preventing unauthorized access. Malicious code protections and continuous system monitoring detect anomalous memory activity and exploitation attempts, reducing the likelihood and impact of out-of-bounds read and write vulnerabilities.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9230"
},
{
"category": "external",
"summary": "RHBZ#2396054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9230"
}
],
"release_date": "2025-09-30T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssl: Out-of-bounds read \u0026 write in RFC 3211 KEK Unwrap"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-52565",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.653000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404708"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape with malicious config due to /dev/console mount and related races",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52565"
},
{
"category": "external",
"summary": "RHBZ#2404708",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape with malicious config due to /dev/console mount and related races"
},
{
"cve": "CVE-2025-53905",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:19.770241+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380362"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversial",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53905"
},
{
"category": "external",
"summary": "RHBZ#2380362",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380362"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53905"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239",
"url": "https://github.com/vim/vim/commit/87757c6b0a4b2c1f71c72ea8e1438b8fb116b239"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr",
"url": "https://github.com/vim/vim/security/advisories/GHSA-74v4-f3x9-ppvr"
}
],
"release_date": "2025-07-15T20:48:34.764000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversial"
},
{
"cve": "CVE-2025-53906",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-07-15T21:01:15.057182+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380360"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw was found in Vim. Successful exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vim: Vim path traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-53906"
},
{
"category": "external",
"summary": "RHBZ#2380360",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380360"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53906"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8",
"url": "https://github.com/vim/vim/commit/586294a04179d855c3d1d4ee5ea83931963680b8"
},
{
"category": "external",
"summary": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86",
"url": "https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86"
}
],
"release_date": "2025-07-15T20:52:40.137000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "vim: Vim path traversal"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
},
{
"cve": "CVE-2025-59425",
"cwe": {
"id": "CWE-208",
"name": "Observable Timing Discrepancy"
},
"discovery_date": "2025-09-22T06:45:41.577000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397234"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in vLLM\u2019s API token authentication logic, where token comparisons were not performed in constant time. This weakness could allow an attacker to exploit timing differences to guess valid tokens and bypass authentication.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The RedHat security team has rated the severity of this issue as Important. The vulnerability is remotely exploitable without authentication or user interaction and can result in authentication bypass. The root cause was the use of a non-constant-time string comparison, which leaked timing information. Successful exploitation could lead to unauthorized access to APIs and sensitive resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59425"
},
{
"category": "external",
"summary": "RHBZ#2397234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59425"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48",
"url": "https://github.com/vllm-project/vllm/commit/ee10d7e6ff5875386c7f136ce8b5f525c8fcef48"
}
],
"release_date": "2025-10-07T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: Timing Attack in vLLM API Token Verification Leading to Authentication Bypass"
},
{
"cve": "CVE-2025-62593",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-11-26T23:01:25.307125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417394"
}
],
"notes": [
{
"category": "description",
"text": "Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense uses the User-Agent header starting with the string \"Mozilla\" as a defense mechanism. This defense is insufficient as the fetch specification allows the User-Agent header to be modified. Combined with a DNS rebinding attack against the browser, and this vulnerability is exploitable against a developer running Ray who inadvertently visits a malicious website, or is served a malicious advertisement (malvertising). This issue has been patched in version 2.52.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat has chosen to keep this as Important instead of Critical severity because the successful exploitation of this vulnerability requires user interaction in conjunction with a DNS rebinding attack.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62593"
},
{
"category": "external",
"summary": "RHBZ#2417394",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417394"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62593",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62593"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62593"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09",
"url": "https://github.com/ray-project/ray/commit/70e7c72780bdec075dba6cad1afe0832772bfe09"
},
{
"category": "external",
"summary": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v",
"url": "https://github.com/ray-project/ray/security/advisories/GHSA-q279-jhrf-cc6v"
}
],
"release_date": "2025-11-26T22:28:28.577000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ray: Ray is vulnerable to RCE via Safari \u0026 Firefox Browsers through DNS Rebinding Attack"
},
{
"cve": "CVE-2025-62727",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"discovery_date": "2025-10-28T21:01:03.833849+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2406929"
}
],
"notes": [
{
"category": "description",
"text": "Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1 , an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette\u0027s FileResponse Range parsing/merging logic. This enables CPU exhaustion per request, causing denial\u2011of\u2011service for endpoints serving files (e.g., StaticFiles or any use of FileResponse). This vulnerability is fixed in 0.49.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "starlette: Starlette DoS via Range header merging",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62727"
},
{
"category": "external",
"summary": "RHBZ#2406929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2406929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62727"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5",
"url": "https://github.com/Kludex/starlette/commit/4ea6e22b489ec388d6004cfbca52dd5b147127c5"
},
{
"category": "external",
"summary": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8",
"url": "https://github.com/Kludex/starlette/security/advisories/GHSA-7f5h-v6xp-fcq8"
}
],
"release_date": "2025-10-28T20:14:53.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "starlette: Starlette DoS via Range header merging"
},
{
"cve": "CVE-2025-66448",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2025-12-01T23:01:07.198041+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418152"
}
],
"notes": [
{
"category": "description",
"text": "A remote code execution vulnerability has been identified in vLLM. An attacker can exploit a weakness in the model loading process to silently fetch and run unauthorized, malicious Python code on the host system. This happens because the engine mistakenly executes code from a remote repository referenced in a model\u0027s configuration, even when explicit security measures are set to prevent it.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "vllm: vLLM: Remote Code Execution via malicious model configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because vLLM, when deployed in a Red Hat environment, is susceptible to remote code execution. An attacker can craft a malicious model configuration that, when loaded, fetches and executes arbitrary Python code from a remote repository, even if `trust_remote_code` is explicitly set to `False`.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66448"
},
{
"category": "external",
"summary": "RHBZ#2418152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66448"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66448"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86",
"url": "https://github.com/vllm-project/vllm/commit/ffb08379d8870a1a81ba82b72797f196838d0c86"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/pull/28126",
"url": "https://github.com/vllm-project/vllm/pull/28126"
},
{
"category": "external",
"summary": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm",
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-8fr4-5q9j-m8gm"
}
],
"release_date": "2025-12-01T22:45:42.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T18:26:32+00:00",
"details": "For more information visit https://access.redhat.com/errata/RHSA-2025:23080",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7_arm64",
"Red Hat AI Inference Server 3.2:registry.redhat.io/rhaiis/model-opt-cuda-rhel9@sha256:dce6b0ea03379bf06664a5200af8b5f5ae3fad13cdce6d21873843f22554800b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "vllm: vLLM: Remote Code Execution via malicious model configuration"
}
]
}
RHSA-2025:21776
Vulnerability from csaf_redhat - Published: 2025-11-19 22:11 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21776",
"url": "https://access.redhat.com/errata/RHSA-2025:21776"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21776.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:44:11+00:00",
"generator": {
"date": "2026-01-13T22:44:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:21776",
"initial_release_date": "2025-11-19T22:11:45+00:00",
"revision_history": [
{
"date": "2025-11-19T22:11:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-19T22:11:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el8_10.src",
"product": {
"name": "expat-0:2.5.0-1.el8_10.src",
"product_id": "expat-0:2.5.0-1.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el8_10.aarch64",
"product": {
"name": "expat-0:2.5.0-1.el8_10.aarch64",
"product_id": "expat-0:2.5.0-1.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el8_10.aarch64",
"product": {
"name": "expat-devel-0:2.5.0-1.el8_10.aarch64",
"product_id": "expat-devel-0:2.5.0-1.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"product_id": "expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"product_id": "expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el8_10.ppc64le",
"product": {
"name": "expat-0:2.5.0-1.el8_10.ppc64le",
"product_id": "expat-0:2.5.0-1.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el8_10.ppc64le",
"product": {
"name": "expat-devel-0:2.5.0-1.el8_10.ppc64le",
"product_id": "expat-devel-0:2.5.0-1.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"product_id": "expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"product_id": "expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el8_10.i686",
"product": {
"name": "expat-0:2.5.0-1.el8_10.i686",
"product_id": "expat-0:2.5.0-1.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el8_10.i686",
"product": {
"name": "expat-devel-0:2.5.0-1.el8_10.i686",
"product_id": "expat-devel-0:2.5.0-1.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el8_10.i686",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.i686",
"product_id": "expat-debugsource-0:2.5.0-1.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el8_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el8_10.i686",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.i686",
"product_id": "expat-debuginfo-0:2.5.0-1.el8_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el8_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el8_10.x86_64",
"product": {
"name": "expat-0:2.5.0-1.el8_10.x86_64",
"product_id": "expat-0:2.5.0-1.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el8_10.x86_64",
"product": {
"name": "expat-devel-0:2.5.0-1.el8_10.x86_64",
"product_id": "expat-devel-0:2.5.0-1.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"product_id": "expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"product_id": "expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.5.0-1.el8_10.s390x",
"product": {
"name": "expat-0:2.5.0-1.el8_10.s390x",
"product_id": "expat-0:2.5.0-1.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.5.0-1.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.5.0-1.el8_10.s390x",
"product": {
"name": "expat-devel-0:2.5.0-1.el8_10.s390x",
"product_id": "expat-devel-0:2.5.0-1.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.5.0-1.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.5.0-1.el8_10.s390x",
"product": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.s390x",
"product_id": "expat-debugsource-0:2.5.0-1.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.5.0-1.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"product": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"product_id": "expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.5.0-1.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64"
},
"product_reference": "expat-0:2.5.0-1.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686"
},
"product_reference": "expat-0:2.5.0-1.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le"
},
"product_reference": "expat-0:2.5.0-1.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x"
},
"product_reference": "expat-0:2.5.0-1.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src"
},
"product_reference": "expat-0:2.5.0-1.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.5.0-1.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64"
},
"product_reference": "expat-0:2.5.0-1.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.5.0-1.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64"
},
"product_reference": "expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.5.0-1.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64"
},
"product_reference": "expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64"
},
"product_reference": "expat-devel-0:2.5.0-1.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el8_10.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686"
},
"product_reference": "expat-devel-0:2.5.0-1.el8_10.i686",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le"
},
"product_reference": "expat-devel-0:2.5.0-1.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x"
},
"product_reference": "expat-devel-0:2.5.0-1.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.5.0-1.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
},
"product_reference": "expat-devel-0:2.5.0-1.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"discovery_date": "2013-02-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000109"
}
],
"notes": [
{
"category": "description",
"text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: internal entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "RHBZ#1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340"
}
],
"release_date": "2013-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-19T22:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21776"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: internal entity expansion"
},
{
"cve": "CVE-2022-23990",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-31T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2048356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: integer overflow in the doProlog function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security marked this flaw as Moderate Impact because the vulnerability includes a flaw that is present in a program\u2019s source code but to which no current or theoretically possible, but unproven, exploitation vectors exist or were found during the technical analysis of the flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23990"
},
{
"category": "external",
"summary": "RHBZ#2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-19T22:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: integer overflow in the doProlog function"
},
{
"cve": "CVE-2024-28757",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268766"
}
],
"notes": [
{
"category": "description",
"text": "An XML Entity Expansion flaw was found in libexpat. This flaw allows an attacker to cause a denial of service when there is an isolated use of external parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: XML Entity Expansion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as a moderate severity because a flaw was found in the libexpat library in the xmlparse.c file, specifically in the handling of external parsers. The issue is an XML Entity Expansion flaw caused by the parser\u0027s failure to detect direct recursion when a parameter entity references itself in an external subset. An attacker can trigger this by submitting a specially crafted XML document, which creates an infinite processing loop, leading to uncontrolled resource consumption and causing a denial of service (DoS).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28757"
},
{
"category": "external",
"summary": "RHBZ#2268766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28757",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28757"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/839",
"url": "https://github.com/libexpat/libexpat/issues/839"
}
],
"release_date": "2024-03-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-19T22:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21776"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: XML Entity Expansion"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-19T22:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21776"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debuginfo-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-debugsource-0:2.5.0-1.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.i686",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:expat-devel-0:2.5.0-1.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2026:0076
Vulnerability from csaf_redhat - Published: 2026-01-05 18:01 - Updated: 2026-01-13 22:33Summary
Red Hat Security Advisory: spice-client-win security update
Notes
Topic
An update for spice-client-win is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Spice client MSI installers for Windows clients
Security Fix(es):
* sqlite: Integer Truncation in SQLite (CVE-2025-6965)
* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)
* libtiff: Libtiff Write-What-Where (CVE-2025-9900)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for spice-client-win is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Spice client MSI installers for Windows clients\n\nSecurity Fix(es):\n\n* sqlite: Integer Truncation in SQLite (CVE-2025-6965)\n\n* libtiff: LibTIFF Use-After-Free Vulnerability (CVE-2025-8176)\n\n* libtiff: Libtiff Write-What-Where (CVE-2025-9900)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0076",
"url": "https://access.redhat.com/errata/RHSA-2026:0076"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0076.json"
}
],
"title": "Red Hat Security Advisory: spice-client-win security update",
"tracking": {
"current_release_date": "2026-01-13T22:33:59+00:00",
"generator": {
"date": "2026-01-13T22:33:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2026:0076",
"initial_release_date": "2026-01-05T18:01:00+00:00",
"revision_history": [
{
"date": "2026-01-05T18:01:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-05T18:01:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:33:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-0:8.10-3.el8_6.1.src",
"product": {
"name": "spice-client-win-0:8.10-3.el8_6.1.src",
"product_id": "spice-client-win-0:8.10-3.el8_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win@8.10-3.el8_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"product": {
"name": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"product_id": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x64@8.10-3.el8_6.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"product": {
"name": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"product_id": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/spice-client-win-x86@8.10-3.el8_6.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_6.1.src as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_6.1.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch as a component of Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_6.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_6.1.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"product_id": "AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-0:8.10-3.el8_6.1.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src"
},
"product_reference": "spice-client-win-0:8.10-3.el8_6.1.src",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch"
},
"product_reference": "spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch as a component of Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"product_id": "AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
},
"product_reference": "spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"relates_to_product_reference": "AppStream-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:01:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-8176",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2025-07-26T04:00:56.216434+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2383598"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libtiff. The `get_histogram` function in `file/tiffmedian.c` exhibits a use-after-free condition when processing a specially crafted file, allowing a local attacker to trigger memory corruption. This manipulation results in a use-after-free vulnerability, and can lead to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: LibTIFF Use-After-Free Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability has been rated Important because it involves a use-after-free flaw in the get_histogram function of LibTIFF\u2019s tiffmedian tool. Successful exploitation may allow a local attacker to execute arbitrary code or cause a denial of service, leading to loss of confidentiality, integrity, and availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8176"
},
{
"category": "external",
"summary": "RHBZ#2383598",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383598"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8176"
},
{
"category": "external",
"summary": "http://www.libtiff.org/",
"url": "http://www.libtiff.org/"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172",
"url": "https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/707",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/707"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/727"
},
{
"category": "external",
"summary": "https://vuldb.com/?ctiid.317590",
"url": "https://vuldb.com/?ctiid.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?id.317590",
"url": "https://vuldb.com/?id.317590"
},
{
"category": "external",
"summary": "https://vuldb.com/?submit.621796",
"url": "https://vuldb.com/?submit.621796"
}
],
"release_date": "2025-07-26T03:32:08.851000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:01:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: LibTIFF Use-After-Free Vulnerability"
},
{
"acknowledgments": [
{
"names": [
"Gareth C"
],
"organization": "AnchorSec Ltd."
}
],
"cve": "CVE-2025-9900",
"cwe": {
"id": "CWE-123",
"name": "Write-what-where Condition"
},
"discovery_date": "2025-09-03T02:48:12.111000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2392784"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Libtiff. This vulnerability is a \"write-what-where\" condition, triggered when the library processes a specially crafted TIFF image file.\n\nBy providing an abnormally large image height value in the file\u0027s metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libtiff: Libtiff Write-What-Where",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires user interaction to run the malicious TIFF image file, hence the CVE is maintained as important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9900"
},
{
"category": "external",
"summary": "RHBZ#2392784",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392784"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9900"
},
{
"category": "external",
"summary": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file",
"url": "https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/issues/704",
"url": "https://gitlab.com/libtiff/libtiff/-/issues/704"
},
{
"category": "external",
"summary": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732",
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/732"
},
{
"category": "external",
"summary": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html",
"url": "https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"
}
],
"release_date": "2025-09-22T14:29:35.767000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:01:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0076"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libtiff: Libtiff Write-What-Where"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-05T18:01:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0076"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.6.0.Z.AUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.AUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.AUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.E4S:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.E4S:spice-client-win-x86-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-0:8.10-3.el8_6.1.src",
"AppStream-8.6.0.Z.TUS:spice-client-win-x64-0:8.10-3.el8_6.1.noarch",
"AppStream-8.6.0.Z.TUS:spice-client-win-x86-0:8.10-3.el8_6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:22842
Vulnerability from csaf_redhat - Published: 2025-12-09 07:23 - Updated: 2026-01-13 22:44Summary
Red Hat Security Advisory: expat security update
Notes
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Expat is a C library for parsing XML documents.
Security Fix(es):
* expat: internal entity expansion (CVE-2013-0340)
* expat: integer overflow in the doProlog function (CVE-2022-23990)
* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)
* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for expat is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Expat is a C library for parsing XML documents.\n\nSecurity Fix(es):\n\n* expat: internal entity expansion (CVE-2013-0340)\n\n* expat: integer overflow in the doProlog function (CVE-2022-23990)\n\n* libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat (CVE-2024-8176)\n\n* expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing (CVE-2025-59375)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22842",
"url": "https://access.redhat.com/errata/RHSA-2025:22842"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22842.json"
}
],
"title": "Red Hat Security Advisory: expat security update",
"tracking": {
"current_release_date": "2026-01-13T22:44:15+00:00",
"generator": {
"date": "2026-01-13T22:44:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.15"
}
},
"id": "RHSA-2025:22842",
"initial_release_date": "2025-12-09T07:23:09+00:00",
"revision_history": [
{
"date": "2025-12-09T07:23:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-09T07:23:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-13T22:44:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_6.i686",
"product": {
"name": "expat-0:2.2.10-1.el8_6.i686",
"product_id": "expat-0:2.2.10-1.el8_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_6.i686",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_6.i686",
"product_id": "expat-devel-0:2.2.10-1.el8_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_6.i686",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.i686",
"product_id": "expat-debugsource-0:2.2.10-1.el8_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_6.i686",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.i686",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_6.x86_64",
"product": {
"name": "expat-0:2.2.10-1.el8_6.x86_64",
"product_id": "expat-0:2.2.10-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_6.x86_64",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_6.x86_64",
"product_id": "expat-devel-0:2.2.10-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"product_id": "expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_6.src",
"product": {
"name": "expat-0:2.2.10-1.el8_6.src",
"product_id": "expat-0:2.2.10-1.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_6.aarch64",
"product": {
"name": "expat-0:2.2.10-1.el8_6.aarch64",
"product_id": "expat-0:2.2.10-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_6.aarch64",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_6.aarch64",
"product_id": "expat-devel-0:2.2.10-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"product_id": "expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_6.s390x",
"product": {
"name": "expat-0:2.2.10-1.el8_6.s390x",
"product_id": "expat-0:2.2.10-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_6.s390x",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_6.s390x",
"product_id": "expat-devel-0:2.2.10-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_6.s390x",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.s390x",
"product_id": "expat-debugsource-0:2.2.10-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-0:2.2.10-1.el8_6.ppc64le",
"product": {
"name": "expat-0:2.2.10-1.el8_6.ppc64le",
"product_id": "expat-0:2.2.10-1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat@2.2.10-1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-devel-0:2.2.10-1.el8_6.ppc64le",
"product": {
"name": "expat-devel-0:2.2.10-1.el8_6.ppc64le",
"product_id": "expat-devel-0:2.2.10-1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-devel@2.2.10-1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"product": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"product_id": "expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debugsource@2.2.10-1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"product": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"product_id": "expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/expat-debuginfo@2.2.10-1.el8_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src"
},
"product_reference": "expat-0:2.2.10-1.el8_6.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64"
},
"product_reference": "expat-0:2.2.10-1.el8_6.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le"
},
"product_reference": "expat-0:2.2.10-1.el8_6.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x"
},
"product_reference": "expat-0:2.2.10-1.el8_6.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src"
},
"product_reference": "expat-0:2.2.10-1.el8_6.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src"
},
"product_reference": "expat-0:2.2.10-1.el8_6.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-debugsource-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.i686 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.i686",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-devel-0:2.2.10-1.el8_6.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
},
"product_reference": "expat-devel-0:2.2.10-1.el8_6.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0340",
"discovery_date": "2013-02-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1000109"
}
],
"notes": [
{
"category": "description",
"text": "expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: internal entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"known_not_affected": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-0340"
},
{
"category": "external",
"summary": "RHBZ#1000109",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1000109"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0340"
}
],
"release_date": "2013-02-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T07:23:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22842"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: internal entity expansion"
},
{
"cve": "CVE-2022-23990",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2022-01-31T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2048356"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: integer overflow in the doProlog function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security marked this flaw as Moderate Impact because the vulnerability includes a flaw that is present in a program\u2019s source code but to which no current or theoretically possible, but unproven, exploitation vectors exist or were found during the technical analysis of the flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"known_not_affected": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-23990"
},
{
"category": "external",
"summary": "RHBZ#2048356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-23990",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23990"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23990"
}
],
"release_date": "2022-01-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T07:23:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22842"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "expat: integer overflow in the doProlog function"
},
{
"acknowledgments": [
{
"names": [
"Jann Horn"
],
"organization": "Google Project Zero"
},
{
"names": [
"Tomas Korbar",
"Sandipan Roy"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
},
{
"names": [
"Sebastian Pipping"
],
"organization": "libexpat"
}
],
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-06-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310137"
}
],
"notes": [
{
"category": "description",
"text": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "All supported Red Hat offerings are built with the compilation flag (-fstack-clash-protection) which reduces the impact to Moderate. This build configuration blocks the possibility of an attacker gaining arbitrary code execution even if a stack-clash vulnerability, like this one, could be exploited.\n\nThis vulnerability is rated Moderate because Red Hat builds use the `-fstack-clash-protection` compiler flag, which mitigates the risk of arbitrary code execution from stack overflows. While the flaw allows a crash via uncontrolled recursion in XML parsing, the hardened stack layout prevents reliable memory corruption, limiting the impact to a Denial of Service (DoS) scenario.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-674: Uncontrolled Recursion vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation controls ensure that inputs triggering recursion are validated to stay within safe limits, which reduces the risk of infinite or excessive recursion. The implementation of least functionality on the platform further restricts potential impacts of recursions by disabling unnecessary recursive functions or features, thus reducing the available pathways for a would-be attacker. The inclusion of developer testing and evaluation ensures that recursive functions are tested and that safeguards like error handling are in place. In the case of successful exploitation, detection and containment controls are in place to limit impacts by alerting on anomalous system behavior in real time, while process isolation can limit impacts to a single process.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"known_not_affected": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8176"
},
{
"category": "external",
"summary": "RHBZ#2310137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8176"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/893",
"url": "https://github.com/libexpat/libexpat/issues/893"
}
],
"release_date": "2025-03-13T13:51:54.957000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T07:23:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22842"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classify as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"known_not_affected": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/issues/1018",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"category": "external",
"summary": "https://github.com/libexpat/libexpat/pull/1034",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"category": "external",
"summary": "https://issues.oss-fuzz.com/issues/439133977",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T07:23:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22842"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.AUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.AUS:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.E4S:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.aarch64",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.ppc64le",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.s390x",
"BaseOS-8.6.0.Z.E4S:expat-devel-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.src",
"BaseOS-8.6.0.Z.TUS:expat-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debuginfo-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-debugsource-0:2.2.10-1.el8_6.x86_64",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.i686",
"BaseOS-8.6.0.Z.TUS:expat-devel-0:2.2.10-1.el8_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
WID-SEC-W-2025-2360
Vulnerability from csaf_certbund - Published: 2025-10-21 22:00 - Updated: 2025-11-17 23:00Summary
Oracle Communications Applications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Communications Applications umfasst eine Sammlung von Werkzeugen zur Verwaltung von Messaging-, Kommunikationsdiensten und -ressourcen.
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Communications Applications umfasst eine Sammlung von Werkzeugen zur Verwaltung von Messaging-, Kommunikationsdiensten und -ressourcen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Communications Applications ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2360 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2360.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2360 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2360"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - October 2025 - Appendix Oracle Communications Applications vom 2025-10-21",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html#AppendixCAGBU"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-018 vom 2025-11-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/11/Xerox-Security-Bulletin-XRX25-018-Xerox-FreeFlow-Print-Server-v7.pdf"
}
],
"source_lang": "en-US",
"title": "Oracle Communications Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-17T23:00:00.000+00:00",
"generator": {
"date": "2025-11-18T08:13:07.419+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2360",
"initial_release_date": "2025-10-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=2.0.0.1.0",
"product": {
"name": "Oracle Communications Applications \u003c=2.0.0.1.0",
"product_id": "T047971"
}
},
{
"category": "product_version_range",
"name": "\u003c=2.0.0.1.0",
"product": {
"name": "Oracle Communications Applications \u003c=2.0.0.1.0",
"product_id": "T047971-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.6.0.0",
"product": {
"name": "Oracle Communications Applications \u003c=12.0.6.0.0",
"product_id": "T047972"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.6.0.0",
"product": {
"name": "Oracle Communications Applications \u003c=12.0.6.0.0",
"product_id": "T047972-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=15.0.1.0.0",
"product": {
"name": "Oracle Communications Applications \u003c=15.0.1.0.0",
"product_id": "T047973"
}
},
{
"category": "product_version_range",
"name": "\u003c=15.0.1.0.0",
"product": {
"name": "Oracle Communications Applications \u003c=15.0.1.0.0",
"product_id": "T047973-fixed"
}
},
{
"category": "product_version",
"name": "15.1.0.0.0",
"product": {
"name": "Oracle Communications Applications 15.1.0.0.0",
"product_id": "T047974",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:15.1.0.0.0"
}
}
},
{
"category": "product_version",
"name": "8.1.0.28",
"product": {
"name": "Oracle Communications Applications 8.1.0.28",
"product_id": "T047975",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.1.0.28"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=6.1.1",
"product": {
"name": "Oracle Communications Applications \u003c=6.1.1",
"product_id": "T047976"
}
},
{
"category": "product_version_range",
"name": "\u003c=6.1.1",
"product": {
"name": "Oracle Communications Applications \u003c=6.1.1",
"product_id": "T047976-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.8.0",
"product": {
"name": "Oracle Communications Applications \u003c=7.8.0",
"product_id": "T047977"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.8.0",
"product": {
"name": "Oracle Communications Applications \u003c=7.8.0",
"product_id": "T047977-fixed"
}
},
{
"category": "product_version",
"name": "8.0.0.8.0",
"product": {
"name": "Oracle Communications Applications 8.0.0.8.0",
"product_id": "T047978",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.0.0.8.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0.9.0",
"product": {
"name": "Oracle Communications Applications 8.0.0.9.0",
"product_id": "T047979",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.0.0.9.0"
}
}
},
{
"category": "product_version",
"name": "2.0.0.0.0",
"product": {
"name": "Oracle Communications Applications 2.0.0.0.0",
"product_id": "T047980",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:2.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "2.0.0.1.0",
"product": {
"name": "Oracle Communications Applications 2.0.0.1.0",
"product_id": "T047981",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:2.0.0.1.0"
}
}
},
{
"category": "product_version",
"name": "3.0.3.4.0",
"product": {
"name": "Oracle Communications Applications 3.0.3.4.0",
"product_id": "T047982",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:3.0.3.4.0"
}
}
},
{
"category": "product_version",
"name": "12.0.6.0.0",
"product": {
"name": "Oracle Communications Applications 12.0.6.0.0",
"product_id": "T047983",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:12.0.6.0.0"
}
}
},
{
"category": "product_version",
"name": "7.4.0",
"product": {
"name": "Oracle Communications Applications 7.4.0",
"product_id": "T047984",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.4.0"
}
}
},
{
"category": "product_version",
"name": "15.0.1.0.0",
"product": {
"name": "Oracle Communications Applications 15.0.1.0.0",
"product_id": "T047992",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:15.0.1.0.0"
}
}
},
{
"category": "product_version",
"name": "15.0.0.0.0",
"product": {
"name": "Oracle Communications Applications 15.0.0.0.0",
"product_id": "T047993",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:15.0.0.0.0"
}
}
},
{
"category": "product_version",
"name": "7.3.6",
"product": {
"name": "Oracle Communications Applications 7.3.6",
"product_id": "T047994",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.3.6"
}
}
},
{
"category": "product_version",
"name": "3.0.3.3.0",
"product": {
"name": "Oracle Communications Applications 3.0.3.3.0",
"product_id": "T047996",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:3.0.3.3.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0.7.0",
"product": {
"name": "Oracle Communications Applications 8.0.0.7.0",
"product_id": "T047997",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.0.0.7.0"
}
}
},
{
"category": "product_version",
"name": "7.8.0",
"product": {
"name": "Oracle Communications Applications 7.8.0",
"product_id": "T047998",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.8.0"
}
}
},
{
"category": "product_version",
"name": "7.7.0",
"product": {
"name": "Oracle Communications Applications 7.7.0",
"product_id": "T047999",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.7.0"
}
}
},
{
"category": "product_version",
"name": "7.5.1",
"product": {
"name": "Oracle Communications Applications 7.5.1",
"product_id": "T048000",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.5.1"
}
}
},
{
"category": "product_version",
"name": "6.1.1",
"product": {
"name": "Oracle Communications Applications 6.1.1",
"product_id": "T048001",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:6.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.1",
"product": {
"name": "Oracle Communications Applications \u003c=7.5.1",
"product_id": "T048003"
}
},
{
"category": "product_version_range",
"name": "\u003c=7.5.1",
"product": {
"name": "Oracle Communications Applications \u003c=7.5.1",
"product_id": "T048003-fixed"
}
},
{
"category": "product_version",
"name": "8.2.0.1.0",
"product": {
"name": "Oracle Communications Applications 8.2.0.1.0",
"product_id": "T048004",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.2.0.1.0"
}
}
},
{
"category": "product_version",
"name": "8.1.0.4.0",
"product": {
"name": "Oracle Communications Applications 8.1.0.4.0",
"product_id": "T048005",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.1.0.4.0"
}
}
},
{
"category": "product_version",
"name": "8.0.0.5.0",
"product": {
"name": "Oracle Communications Applications 8.0.0.5.0",
"product_id": "T048006",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:8.0.0.5.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.0.8.0",
"product": {
"name": "Oracle Communications Applications \u003c=12.0.0.8.0",
"product_id": "T048008"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.0.8.0",
"product": {
"name": "Oracle Communications Applications \u003c=12.0.0.8.0",
"product_id": "T048008-fixed"
}
},
{
"category": "product_version",
"name": "7.5.0",
"product": {
"name": "Oracle Communications Applications 7.5.0",
"product_id": "T048009",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.5.0"
}
}
},
{
"category": "product_version",
"name": "7.4.1",
"product": {
"name": "Oracle Communications Applications 7.4.1",
"product_id": "T048010",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:communications_applications:7.4.1"
}
}
}
],
"category": "product_name",
"name": "Communications Applications"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v7",
"product": {
"name": "Xerox FreeFlow Print Server v7",
"product_id": "T035098",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v7"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12133",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-28182",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-35164",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-35164"
},
{
"cve": "CVE-2024-37371",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-50609",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-50609"
},
{
"cve": "CVE-2024-51504",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-51504"
},
{
"cve": "CVE-2024-57699",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2024-7254",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-8006",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2025-27210",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-27210"
},
{
"cve": "CVE-2025-27533",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-27533"
},
{
"cve": "CVE-2025-27553",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27817",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-32415",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-32990",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-32990"
},
{
"cve": "CVE-2025-4517",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-4517"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-5115",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-52999",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-5318",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-5318"
},
{
"cve": "CVE-2025-53864",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-53864"
},
{
"cve": "CVE-2025-5399",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-5399"
},
{
"cve": "CVE-2025-54090",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-54090"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-5889",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-5889"
},
{
"cve": "CVE-2025-59375",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7339",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-7339"
},
{
"cve": "CVE-2025-8058",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-8058"
},
{
"cve": "CVE-2025-9086",
"product_status": {
"known_affected": [
"T048010",
"T035098",
"T047999",
"T047978",
"T047975",
"T047997",
"T048009",
"T047998",
"T047979",
"T047980",
"T047981",
"T047992",
"T048001",
"T048000",
"T047984",
"T047974",
"T047996",
"T048006",
"T047982",
"T047993",
"T048005",
"T047983",
"T047994",
"T048004"
],
"last_affected": [
"T047977",
"T047976",
"T048008",
"T048003",
"T047973",
"T047971",
"T047972"
]
},
"release_date": "2025-10-21T22:00:00.000+00:00",
"title": "CVE-2025-9086"
}
]
}
WID-SEC-W-2025-2045
Vulnerability from csaf_certbund - Published: 2025-09-14 22:00 - Updated: 2026-01-05 23:00Summary
expat: Schwachstelle ermöglicht Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Expat ist ein XML Parser, der in der Programmiersprache-C geschrieben ist.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in expat ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Expat ist ein XML Parser, der in der Programmiersprache-C geschrieben ist.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in expat ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2045 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2045.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2045 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2045"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-09-14",
"url": "https://github.com/advisories/GHSA-vjqp-pjp6-xcxx"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-CC94888079 vom 2025-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-cc94888079"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-639F53EA67 vom 2025-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-639f53ea67"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-790553F7F2 vom 2025-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-790553f7f2"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-31169045F8 vom 2025-09-18",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-31169045f8"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-D936540EF5 vom 2025-09-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-d936540ef5"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15573-1 vom 2025-09-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EFSAMQJSUHDOF3QNDM7EH3OFWUBR3FJK/"
},
{
"category": "external",
"summary": "OpenBSD Errata vom 2025-09-30",
"url": "http://www.openbsd.org/errata76.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03508-1 vom 2025-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022808.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03537-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022819.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03536-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022820.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03624-1 vom 2025-10-17",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H72QQFCPEN5MTTLNFOWELS7GCWSZT62U/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19020 vom 2025-10-27",
"url": "https://access.redhat.com/errata/RHSA-2025:19020"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20868-1 vom 2025-10-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023062.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20895-1 vom 2025-10-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/023119.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19403 vom 2025-11-03",
"url": "https://access.redhat.com/errata/RHSA-2025:19403"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19403 vom 2025-11-03",
"url": "https://linux.oracle.com/errata/ELSA-2025-19403.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:19403 vom 2025-11-06",
"url": "https://errata.build.resf.org/RLSA-2025:19403"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21030 vom 2025-11-11",
"url": "https://access.redhat.com/errata/RHSA-2025:21030"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21776 vom 2025-11-19",
"url": "https://access.redhat.com/errata/RHSA-2025:21776"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21773 vom 2025-11-19",
"url": "https://access.redhat.com/errata/RHSA-2025:21773"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:21776 vom 2025-11-20",
"url": "https://errata.build.resf.org/RLSA-2025:21776"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21776 vom 2025-11-20",
"url": "https://linux.oracle.com/errata/ELSA-2025-21776.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025-20055-1 vom 2025-11-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LH6ZNYI5YJMRXQYKWSESWHKLCNLOCG4L/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21974 vom 2025-11-24",
"url": "https://access.redhat.com/errata/RHSA-2025:21974"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22034 vom 2025-11-25",
"url": "https://access.redhat.com/errata/RHSA-2025:22034"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22035 vom 2025-11-25",
"url": "https://access.redhat.com/errata/RHSA-2025:22035"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22033 vom 2025-11-25",
"url": "https://access.redhat.com/errata/RHSA-2025:22033"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:21974 vom 2025-11-25",
"url": "https://errata.build.resf.org/RLSA-2025:21974"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21974 vom 2025-11-25",
"url": "https://linux.oracle.com/errata/ELSA-2025-21974.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22175 vom 2025-11-26",
"url": "https://access.redhat.com/errata/RHSA-2025:22175"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21006-1 vom 2025-11-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023385.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-22175 vom 2025-11-26",
"url": "http://linux.oracle.com/errata/ELSA-2025-22175.html"
},
{
"category": "external",
"summary": "Meinberg Security Advisory MBGSA-2025.06 vom 2025-11-27",
"url": "https://www.meinberg.de/german/news/meinberg-security-advisory-mbgsa-2025-06-lantime-firmware-v7-10-004.htm"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:21028-1 vom 2025-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023405.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:22175 vom 2025-11-28",
"url": "https://errata.build.resf.org/RLSA-2025:22175"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22607 vom 2025-12-02",
"url": "https://access.redhat.com/errata/RHSA-2025:22607"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22618 vom 2025-12-02",
"url": "https://access.redhat.com/errata/RHSA-2025:22618"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21030 vom 2025-12-03",
"url": "https://linux.oracle.com/errata/ELSA-2025-21030.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22785 vom 2025-12-05",
"url": "https://access.redhat.com/errata/RHSA-2025:22785"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22842 vom 2025-12-08",
"url": "https://access.redhat.com/errata/RHSA-2025:22842"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22871 vom 2025-12-09",
"url": "https://access.redhat.com/errata/RHSA-2025:22871"
},
{
"category": "external",
"summary": "F5 Security Advisory K000158115 vom 2025-12-09",
"url": "https://my.f5.com/manage/s/article/K000158115"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23078 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23078"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23080 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23080"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23079 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23079"
},
{
"category": "external",
"summary": "Tenable Security Advisory TNS-2025-24 vom 2025-12-15",
"url": "https://de.tenable.com/security/tns-2025-24"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23202 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23202"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7254766 vom 2025-12-15",
"url": "https://www.ibm.com/support/pages/node/7254766"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23227 vom 2025-12-16",
"url": "https://access.redhat.com/errata/RHSA-2025:23227"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23248 vom 2025-12-16",
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255065 vom 2025-12-17",
"url": "https://www.ibm.com/support/pages/node/7255065"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23449 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23449"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23550 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23550"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255154 vom 2025-12-17",
"url": "https://www.ibm.com/support/pages/node/7255154"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-12-20",
"url": "https://support.hcl-software.com/community?id=community_blog\u0026sys_id=e990462f33fd7290159a05273e5c7b9c"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7255930 vom 2025-12-29",
"url": "https://www.ibm.com/support/pages/node/7255930"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0001 vom 2026-01-05",
"url": "https://access.redhat.com/errata/RHSA-2026:0001"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0077 vom 2026-01-06",
"url": "https://access.redhat.com/errata/RHSA-2026:0077"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0076 vom 2026-01-06",
"url": "https://access.redhat.com/errata/RHSA-2026:0076"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0078 vom 2026-01-05",
"url": "https://access.redhat.com/errata/RHSA-2026:0078"
}
],
"source_lang": "en-US",
"title": "expat: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2026-01-05T23:00:00.000+00:00",
"generator": {
"date": "2026-01-06T08:35:31.570+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2045",
"initial_release_date": "2025-09-14T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-16T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-11-02T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-19T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-20T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-23T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-11-24T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-11-26T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Meinberg und SUSE aufgenommen"
},
{
"date": "2025-12-02T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-04T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-07T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-08T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-09T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Tenable, Red Hat, IBM und IBM-APAR aufgenommen"
},
{
"date": "2025-12-16T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM und Red Hat aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Red Hat und IBM aufgenommen"
},
{
"date": "2025-12-21T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2025-12-29T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-04T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-05T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "33"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "15.1.0-15.1.10",
"product": {
"name": "F5 BIG-IP 15.1.0-15.1.10",
"product_id": "T034902",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:15.1.0_-_15.1.10"
}
}
},
{
"category": "product_version",
"name": "16.1.0-16.1.6",
"product": {
"name": "F5 BIG-IP 16.1.0-16.1.6",
"product_id": "T044168",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:16.1.0_-_16.1.6"
}
}
},
{
"category": "product_version",
"name": "17.5.0-17.5.1",
"product": {
"name": "F5 BIG-IP 17.5.0-17.5.1",
"product_id": "T045956",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:17.5.0_-_17.5.1"
}
}
},
{
"category": "product_version",
"name": "21.0.0",
"product": {
"name": "F5 BIG-IP 21.0.0",
"product_id": "T049272",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:21.0.0"
}
}
},
{
"category": "product_version",
"name": "17.1.0-17.1.3",
"product": {
"name": "F5 BIG-IP 17.1.0-17.1.3",
"product_id": "T049273",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:17.1.0_-_17.1.3"
}
}
}
],
"category": "product_name",
"name": "BIG-IP"
},
{
"branches": [
{
"category": "product_version",
"name": "A 1.8.0-1.8.3",
"product": {
"name": "F5 F5OS A 1.8.0-1.8.3",
"product_id": "T049275",
"product_identification_helper": {
"cpe": "cpe:/o:f5:f5os:a_1.8.0_-_1.8.3"
}
}
},
{
"category": "product_version",
"name": "A 1.5.1-1.5.4",
"product": {
"name": "F5 F5OS A 1.5.1-1.5.4",
"product_id": "T049277",
"product_identification_helper": {
"cpe": "cpe:/o:f5:f5os:a_1.5.1_-_1.5.4"
}
}
},
{
"category": "product_version",
"name": "C 1.8.0-1.8.2",
"product": {
"name": "F5 F5OS C 1.8.0-1.8.2",
"product_id": "T049279",
"product_identification_helper": {
"cpe": "cpe:/o:f5:f5os:c_1.8.0_-_1.8.2"
}
}
},
{
"category": "product_version",
"name": "C 1.6.0-1.6.4",
"product": {
"name": "F5 F5OS C 1.6.0-1.6.4",
"product_id": "T049280",
"product_identification_helper": {
"cpe": "cpe:/o:f5:f5os:c_1.6.0_-_1.6.4"
}
}
}
],
"category": "product_name",
"name": "F5OS"
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "HCL Commerce",
"product": {
"name": "HCL Commerce",
"product_id": "T019294",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:-"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM HTTP Server 8.5",
"product_id": "T001650",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:http_server:8.5"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "IBM HTTP Server 9.0",
"product_id": "T008162",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:http_server:9.0"
}
}
}
],
"category": "product_name",
"name": "HTTP Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP14 IF03",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP14 IF03",
"product_id": "T049499"
}
},
{
"category": "product_version",
"name": "7.5.0 UP14 IF03",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP14 IF03",
"product_id": "T049499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up14_if03"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.0.16",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.3.0.16",
"product_id": "T049469"
}
},
{
"category": "product_version",
"name": "6.3.0.16",
"product": {
"name": "IBM Sterling Connect:Direct 6.3.0.16",
"product_id": "T049469-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.3.0.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.4.0.5",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.4.0.5",
"product_id": "T049470"
}
},
{
"category": "product_version",
"name": "6.4.0.5",
"product": {
"name": "IBM Sterling Connect:Direct 6.4.0.5",
"product_id": "T049470-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.4.0.5"
}
}
}
],
"category": "product_name",
"name": "Sterling Connect:Direct"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.10.004",
"product": {
"name": "Meinberg LANTIME \u003c7.10.004",
"product_id": "T048945"
}
},
{
"category": "product_version",
"name": "7.10.004",
"product": {
"name": "Meinberg LANTIME 7.10.004",
"product_id": "T048945-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:meinberg:lantime:7.10.004"
}
}
}
],
"category": "product_name",
"name": "LANTIME"
}
],
"category": "vendor",
"name": "Meinberg"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.7.2",
"product": {
"name": "Open Source expat \u003c2.7.2",
"product_id": "T046963"
}
},
{
"category": "product_version",
"name": "2.7.2",
"product": {
"name": "Open Source expat 2.7.2",
"product_id": "T046963-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:expat:expat:2.7.2"
}
}
}
],
"category": "product_name",
"name": "expat"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "OpenBSD OpenBSD",
"product": {
"name": "OpenBSD OpenBSD",
"product_id": "T043360",
"product_identification_helper": {
"cpe": "cpe:/a:openbsd:openbsd:7.6"
}
}
}
],
"category": "vendor",
"name": "OpenBSD"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security",
"product_id": "T049494",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.11.1",
"product": {
"name": "Tenable Security Nessus \u003c10.11.1",
"product_id": "T049431"
}
},
{
"category": "product_version",
"name": "10.11.1",
"product": {
"name": "Tenable Security Nessus 10.11.1",
"product_id": "T049431-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.11.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.9.6",
"product": {
"name": "Tenable Security Nessus \u003c10.9.6",
"product_id": "T049432"
}
},
{
"category": "product_version",
"name": "10.9.6",
"product": {
"name": "Tenable Security Nessus 10.9.6",
"product_id": "T049432-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:tenable:nessus:10.9.6"
}
}
}
],
"category": "product_name",
"name": "Nessus"
}
],
"category": "vendor",
"name": "Tenable Security"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"product_status": {
"known_affected": [
"T049280",
"67646",
"T034902",
"T019294",
"T004914",
"T043360",
"T049469",
"T049275",
"T049494",
"T049273",
"T049272",
"T049470",
"T032255",
"74185",
"T032495",
"T048945",
"T046963",
"T002207",
"T045956",
"T027843",
"T049279",
"T049499",
"T049432",
"T049277",
"T049431",
"T001650",
"T008162",
"T044168"
]
},
"release_date": "2025-09-14T22:00:00.000+00:00",
"title": "CVE-2025-59375"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
CERTFR-2025-AVI-1114
Vulnerability from certfr_avis - Published: 2025-12-16 - Updated: 2025-12-16
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions 10.11.x ant\u00e9rieures \u00e0 10.11.1",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus versions 10.9.x ant\u00e9rieures \u00e0 10.9.6",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
}
],
"initial_release_date": "2025-12-16T00:00:00",
"last_revision_date": "2025-12-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1114",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2025-24",
"url": "https://www.tenable.com/security/tns-2025-24"
}
]
}
CERTFR-2025-AVI-1131
Vulnerability from certfr_avis - Published: 2025-12-19 - Updated: 2025-12-19
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 Warehouse | Db2 Warehouse on Cloud Pak for Data versions antérieures à 5.3.0 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 versions antérieures à 7.5.0 UP14 IF03 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.16 | ||
| IBM | QRadar | QRadar Suite Software versions 1.11.x antérieures à 1.11.8.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.4.0.x antérieures à 6.4.0.5 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x antérieures à 6.2.4.5 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x antérieures à 6.2.3.5 | ||
| IBM | Db2 | Db2 on Cloud Pak for Data versions antérieures à 5.3.0 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 5.x antérieures à 5.3 | ||
| IBM | Db2 | Db2 Intelligence Center versions 1.1.x antérieures à 1.1.3.0 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x antérieures à 6.2.4.2 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x antérieures à 6.2.3.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.0",
"product": {
"name": "Db2 Warehouse",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 versions ant\u00e9rieures \u00e0 7.5.0 UP14 IF03",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.16",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.11.x ant\u00e9rieures \u00e0 1.11.8.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.5",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.5 ",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.5 ",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 5.x ant\u00e9rieures \u00e0 5.3",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Intelligence Center versions 1.1.x ant\u00e9rieures \u00e0 1.1.3.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.2",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.5",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2025-2534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2534"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2021-26272",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26272"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2025-39761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39761"
},
{
"name": "CVE-2024-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49350"
},
{
"name": "CVE-2025-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
},
{
"name": "CVE-2025-36131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36131"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30065"
},
{
"name": "CVE-2024-47118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47118"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2021-47621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47621"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-61912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61912"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-55198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55198"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2025-1992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1992"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-36136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36136"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2025-36008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36008"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-39718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-36006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36006"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2025-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36186"
},
{
"name": "CVE-2025-55182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55182"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-6493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6493"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-33012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33012"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2025-5187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5187"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-41235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41235"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2023-53539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53539"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-39955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2518"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2024-38827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38827"
},
{
"name": "CVE-2025-38292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38292"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-55199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55199"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-1493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1493"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2025-3050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3050"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1767"
},
{
"name": "CVE-2021-26271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26271"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2024-38821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38821"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-39825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39825"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2023-53401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0915"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2025-38351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-52903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52903"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-46653",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46653"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-2900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
},
{
"name": "CVE-2025-0426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0426"
},
{
"name": "CVE-2020-9281",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9281"
},
{
"name": "CVE-2024-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1000"
},
{
"name": "CVE-2022-3697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3697"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-53513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53513"
},
{
"name": "CVE-2025-33134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33134"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-39804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2022-50543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50543"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-61911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61911"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2025-14687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14687"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2025-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36185"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1131",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7252732",
"url": "https://www.ibm.com/support/pages/node/7252732"
},
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254815",
"url": "https://www.ibm.com/support/pages/node/7254815"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255060",
"url": "https://www.ibm.com/support/pages/node/7255060"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255154",
"url": "https://www.ibm.com/support/pages/node/7255154"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255095",
"url": "https://www.ibm.com/support/pages/node/7255095"
},
{
"published_at": "2025-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254849",
"url": "https://www.ibm.com/support/pages/node/7254849"
},
{
"published_at": "2025-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254850",
"url": "https://www.ibm.com/support/pages/node/7254850"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255160",
"url": "https://www.ibm.com/support/pages/node/7255160"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255065",
"url": "https://www.ibm.com/support/pages/node/7255065"
}
]
}
CERTFR-2025-AVI-1057
Vulnerability from certfr_avis - Published: 2025-12-02 - Updated: 2025-12-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 16.x antérieures à 16.11.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 14.x antérieures à 14.20.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 17.x antérieures à 17.7.0 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.1 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 18.x antérieures à 18.1.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 15.x antérieures à 15.15.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 13.x antérieures à 13.23.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Postgres versions 16.x ant\u00e9rieures \u00e0 16.11.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 14.x ant\u00e9rieures \u00e0 14.20.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 17.x ant\u00e9rieures \u00e0 17.7.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 18.x ant\u00e9rieures \u00e0 18.1.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 15.x ant\u00e9rieures \u00e0 15.15.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 13.x ant\u00e9rieures \u00e0 13.23.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2022-23960",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23960"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3629"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3633"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-26878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26878"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-20154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2022-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3534"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-4387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4387"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-52467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2024-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
},
{
"name": "CVE-2023-52462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2023-52475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
},
{
"name": "CVE-2023-52478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52478"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2023-52452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52452"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2019-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
},
{
"name": "CVE-2021-46904",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46904"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-26631",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26631"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2023-52501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
},
{
"name": "CVE-2023-52519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2023-52582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
},
{
"name": "CVE-2021-47098",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
},
{
"name": "CVE-2023-52513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2021-47097",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
},
{
"name": "CVE-2023-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
},
{
"name": "CVE-2023-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
},
{
"name": "CVE-2023-52523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-24858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
},
{
"name": "CVE-2024-26681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
},
{
"name": "CVE-2024-26815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
},
{
"name": "CVE-2024-26621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26621"
},
{
"name": "CVE-2024-26714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
},
{
"name": "CVE-2024-26761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26761"
},
{
"name": "CVE-2024-26742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26742"
},
{
"name": "CVE-2021-47020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47020"
},
{
"name": "CVE-2021-47017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47017"
},
{
"name": "CVE-2021-46984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
},
{
"name": "CVE-2021-47071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47071"
},
{
"name": "CVE-2021-47202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47202"
},
{
"name": "CVE-2024-26605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26605"
},
{
"name": "CVE-2024-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26989"
},
{
"name": "CVE-2024-27003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27003"
},
{
"name": "CVE-2024-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26987"
},
{
"name": "CVE-2024-27015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27015"
},
{
"name": "CVE-2024-27014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
},
{
"name": "CVE-2024-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26992"
},
{
"name": "CVE-2023-52468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52468"
},
{
"name": "CVE-2023-52487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52487"
},
{
"name": "CVE-2024-26618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26618"
},
{
"name": "CVE-2023-52490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52490"
},
{
"name": "CVE-2023-52455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
},
{
"name": "CVE-2023-52472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52472"
},
{
"name": "CVE-2023-52643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
},
{
"name": "CVE-2024-26649",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26649"
},
{
"name": "CVE-2023-52473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52473"
},
{
"name": "CVE-2023-52465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52465"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-27042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
},
{
"name": "CVE-2021-47197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47197"
},
{
"name": "CVE-2021-47196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47196"
},
{
"name": "CVE-2022-48702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48702"
},
{
"name": "CVE-2022-48701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48701"
},
{
"name": "CVE-2022-48694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48694"
},
{
"name": "CVE-2022-48644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48644"
},
{
"name": "CVE-2021-47217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47217"
},
{
"name": "CVE-2022-48653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48653"
},
{
"name": "CVE-2021-47214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47214"
},
{
"name": "CVE-2022-48672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48672"
},
{
"name": "CVE-2022-48657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48657"
},
{
"name": "CVE-2022-48652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48652"
},
{
"name": "CVE-2022-48658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48658"
},
{
"name": "CVE-2021-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47210"
},
{
"name": "CVE-2022-48662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48662"
},
{
"name": "CVE-2022-48639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48639"
},
{
"name": "CVE-2023-52646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52646"
},
{
"name": "CVE-2022-48640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48640"
},
{
"name": "CVE-2024-26933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
},
{
"name": "CVE-2021-47215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47215"
},
{
"name": "CVE-2021-47074",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47074"
},
{
"name": "CVE-2021-47041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47041"
},
{
"name": "CVE-2024-27039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
},
{
"name": "CVE-2022-48704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48704"
},
{
"name": "CVE-2022-48675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48675"
},
{
"name": "CVE-2022-48690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48690"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2022-48637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48637"
},
{
"name": "CVE-2022-48632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
},
{
"name": "CVE-2022-48660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48660"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2023-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
},
{
"name": "CVE-2024-26892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
},
{
"name": "CVE-2024-26964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2021-47227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47227"
},
{
"name": "CVE-2021-47237",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47237"
},
{
"name": "CVE-2021-47239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47239"
},
{
"name": "CVE-2021-47250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47250"
},
{
"name": "CVE-2021-47261",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47261"
},
{
"name": "CVE-2021-47343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47343"
},
{
"name": "CVE-2021-47360",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47360"
},
{
"name": "CVE-2021-47365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47365"
},
{
"name": "CVE-2021-47373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
},
{
"name": "CVE-2021-47393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47393"
},
{
"name": "CVE-2021-47398",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47398"
},
{
"name": "CVE-2021-47404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47404"
},
{
"name": "CVE-2021-47420",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47420"
},
{
"name": "CVE-2021-47422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47422"
},
{
"name": "CVE-2021-47426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47426"
},
{
"name": "CVE-2021-47428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47428"
},
{
"name": "CVE-2021-47429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47429"
},
{
"name": "CVE-2021-47430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47430"
},
{
"name": "CVE-2021-47438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
},
{
"name": "CVE-2021-47444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47444"
},
{
"name": "CVE-2021-47454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47454"
},
{
"name": "CVE-2021-47457",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47457"
},
{
"name": "CVE-2021-47465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47465"
},
{
"name": "CVE-2021-47481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47481"
},
{
"name": "CVE-2021-47483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47483"
},
{
"name": "CVE-2021-47490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47490"
},
{
"name": "CVE-2021-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
},
{
"name": "CVE-2021-47497",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47497"
},
{
"name": "CVE-2021-47499",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47499"
},
{
"name": "CVE-2021-47500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47500"
},
{
"name": "CVE-2021-47505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47505"
},
{
"name": "CVE-2021-47516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47516"
},
{
"name": "CVE-2021-47527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47527"
},
{
"name": "CVE-2021-47536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47536"
},
{
"name": "CVE-2021-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47537"
},
{
"name": "CVE-2021-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
},
{
"name": "CVE-2021-47550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47550"
},
{
"name": "CVE-2021-47559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47559"
},
{
"name": "CVE-2022-48689",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48689"
},
{
"name": "CVE-2022-48691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48691"
},
{
"name": "CVE-2022-48705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48705"
},
{
"name": "CVE-2022-48709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48709"
},
{
"name": "CVE-2022-48710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48710"
},
{
"name": "CVE-2023-52654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52654"
},
{
"name": "CVE-2023-52659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
},
{
"name": "CVE-2023-52661",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
},
{
"name": "CVE-2023-52662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
},
{
"name": "CVE-2023-52679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52679"
},
{
"name": "CVE-2023-52686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
},
{
"name": "CVE-2023-52690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52690"
},
{
"name": "CVE-2023-52698",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52698"
},
{
"name": "CVE-2023-52702",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52702"
},
{
"name": "CVE-2023-52703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
},
{
"name": "CVE-2023-52730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52730"
},
{
"name": "CVE-2023-52731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52731"
},
{
"name": "CVE-2023-52736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52736"
},
{
"name": "CVE-2023-52739",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52739"
},
{
"name": "CVE-2023-52740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52740"
},
{
"name": "CVE-2023-52743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52743"
},
{
"name": "CVE-2023-52744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52744"
},
{
"name": "CVE-2023-52747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52747"
},
{
"name": "CVE-2023-52764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
},
{
"name": "CVE-2023-52781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
},
{
"name": "CVE-2023-52788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52788"
},
{
"name": "CVE-2023-52791",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
},
{
"name": "CVE-2023-52795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52795"
},
{
"name": "CVE-2023-52796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
},
{
"name": "CVE-2023-52803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52803"
},
{
"name": "CVE-2023-52806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
},
{
"name": "CVE-2023-52814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52814"
},
{
"name": "CVE-2023-52817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
},
{
"name": "CVE-2023-52818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
},
{
"name": "CVE-2023-52833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52833"
},
{
"name": "CVE-2023-52840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52840"
},
{
"name": "CVE-2023-52851",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52851"
},
{
"name": "CVE-2023-52854",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52854"
},
{
"name": "CVE-2023-52867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52867"
},
{
"name": "CVE-2023-52877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
},
{
"name": "CVE-2024-26838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
},
{
"name": "CVE-2024-35801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
},
{
"name": "CVE-2024-35804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35804"
},
{
"name": "CVE-2024-35860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35860"
},
{
"name": "CVE-2024-35872",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35872"
},
{
"name": "CVE-2024-35901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
},
{
"name": "CVE-2024-35912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35912"
},
{
"name": "CVE-2024-35952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35952"
},
{
"name": "CVE-2024-35959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-35964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
},
{
"name": "CVE-2024-36012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
},
{
"name": "CVE-2024-36906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
},
{
"name": "CVE-2024-36918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
},
{
"name": "CVE-2024-36926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-52663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
},
{
"name": "CVE-2023-52675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
},
{
"name": "CVE-2023-52697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52697"
},
{
"name": "CVE-2024-26611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26611"
},
{
"name": "CVE-2024-26674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
},
{
"name": "CVE-2024-26899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
},
{
"name": "CVE-2024-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26990"
},
{
"name": "CVE-2024-27027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
},
{
"name": "CVE-2024-27031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
},
{
"name": "CVE-2024-27057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27057"
},
{
"name": "CVE-2024-35795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
},
{
"name": "CVE-2024-35810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
},
{
"name": "CVE-2024-35814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
},
{
"name": "CVE-2024-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35824"
},
{
"name": "CVE-2024-35834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35834"
},
{
"name": "CVE-2024-35836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35836"
},
{
"name": "CVE-2024-35838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
},
{
"name": "CVE-2024-35891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35891"
},
{
"name": "CVE-2024-35903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35903"
},
{
"name": "CVE-2024-35917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35917"
},
{
"name": "CVE-2024-35927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35927"
},
{
"name": "CVE-2024-35974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35974"
},
{
"name": "CVE-2024-35981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35981"
},
{
"name": "CVE-2024-35991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
},
{
"name": "CVE-2024-36002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
},
{
"name": "CVE-2024-36011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
},
{
"name": "CVE-2024-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
},
{
"name": "CVE-2024-36891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
},
{
"name": "CVE-2024-36930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
},
{
"name": "CVE-2024-36936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
},
{
"name": "CVE-2024-35983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2023-52648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
},
{
"name": "CVE-2023-52649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
},
{
"name": "CVE-2024-26953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
},
{
"name": "CVE-2024-26975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
},
{
"name": "CVE-2024-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
},
{
"name": "CVE-2024-27079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
},
{
"name": "CVE-2024-27390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
},
{
"name": "CVE-2024-35787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
},
{
"name": "CVE-2024-35827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
},
{
"name": "CVE-2024-35831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-52560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2023-52835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
},
{
"name": "CVE-2023-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2021-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
},
{
"name": "CVE-2021-47572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2021-47578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
},
{
"name": "CVE-2021-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
},
{
"name": "CVE-2021-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
},
{
"name": "CVE-2021-47609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
},
{
"name": "CVE-2021-47616",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
},
{
"name": "CVE-2021-47617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
},
{
"name": "CVE-2021-47620",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
},
{
"name": "CVE-2022-48712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
},
{
"name": "CVE-2022-48713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
},
{
"name": "CVE-2022-48714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
},
{
"name": "CVE-2022-48720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
},
{
"name": "CVE-2022-48724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
},
{
"name": "CVE-2022-48725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
},
{
"name": "CVE-2022-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
},
{
"name": "CVE-2022-48728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
},
{
"name": "CVE-2022-48729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
},
{
"name": "CVE-2022-48732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
},
{
"name": "CVE-2022-48745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
},
{
"name": "CVE-2022-48746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
},
{
"name": "CVE-2022-48752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
},
{
"name": "CVE-2022-48760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
},
{
"name": "CVE-2022-48763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
},
{
"name": "CVE-2022-48767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
},
{
"name": "CVE-2022-48768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
},
{
"name": "CVE-2022-48769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
},
{
"name": "CVE-2022-48770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
},
{
"name": "CVE-2023-52787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
},
{
"name": "CVE-2023-52837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
},
{
"name": "CVE-2023-52845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
},
{
"name": "CVE-2023-52846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
},
{
"name": "CVE-2024-35979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
},
{
"name": "CVE-2024-36477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
},
{
"name": "CVE-2024-36937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-36967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
},
{
"name": "CVE-2024-36975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-24859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
},
{
"name": "CVE-2024-26734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
},
{
"name": "CVE-2024-26818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
},
{
"name": "CVE-2024-26831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
},
{
"name": "CVE-2024-27012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27012"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-35880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35880"
},
{
"name": "CVE-2024-35892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35892"
},
{
"name": "CVE-2024-35894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35894"
},
{
"name": "CVE-2024-35908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35908"
},
{
"name": "CVE-2024-35913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35913"
},
{
"name": "CVE-2024-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35942"
},
{
"name": "CVE-2024-35957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35957"
},
{
"name": "CVE-2024-35980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35980"
},
{
"name": "CVE-2024-39298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39298"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-39500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39500"
},
{
"name": "CVE-2024-40900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40900"
},
{
"name": "CVE-2024-40903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40903"
},
{
"name": "CVE-2024-40908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40908"
},
{
"name": "CVE-2024-40913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40913"
},
{
"name": "CVE-2024-40919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40919"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40937"
},
{
"name": "CVE-2024-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40940"
},
{
"name": "CVE-2024-40948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40948"
},
{
"name": "CVE-2024-40956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40956"
},
{
"name": "CVE-2024-40989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40989"
},
{
"name": "CVE-2024-40994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40994"
},
{
"name": "CVE-2023-52750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52750"
},
{
"name": "CVE-2023-52782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52782"
},
{
"name": "CVE-2023-52786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52786"
},
{
"name": "CVE-2023-52792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52792"
},
{
"name": "CVE-2023-52794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52794"
},
{
"name": "CVE-2023-52842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52842"
},
{
"name": "CVE-2023-52849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52849"
},
{
"name": "CVE-2023-52866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52866"
},
{
"name": "CVE-2024-36010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36010"
},
{
"name": "CVE-2024-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
},
{
"name": "CVE-2024-36962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
},
{
"name": "CVE-2024-36977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
},
{
"name": "CVE-2024-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
},
{
"name": "CVE-2024-38629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38629"
},
{
"name": "CVE-2024-39291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39291"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
},
{
"name": "CVE-2024-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
},
{
"name": "CVE-2024-36920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
},
{
"name": "CVE-2024-36932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
},
{
"name": "CVE-2024-36956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
},
{
"name": "CVE-2024-36961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
},
{
"name": "CVE-2024-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
},
{
"name": "CVE-2024-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2021-47579",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
},
{
"name": "CVE-2022-48757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
},
{
"name": "CVE-2023-52775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52775"
},
{
"name": "CVE-2023-52885",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52885"
},
{
"name": "CVE-2024-26837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26837"
},
{
"name": "CVE-2024-27404",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27404"
},
{
"name": "CVE-2024-39479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39479"
},
{
"name": "CVE-2024-39498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39498"
},
{
"name": "CVE-2024-40923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40923"
},
{
"name": "CVE-2024-40925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40925"
},
{
"name": "CVE-2024-6197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
},
{
"name": "CVE-2021-47623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47623"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2022-48778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48778"
},
{
"name": "CVE-2022-48780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48780"
},
{
"name": "CVE-2022-48783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48783"
},
{
"name": "CVE-2022-48784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48784"
},
{
"name": "CVE-2022-48785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48785"
},
{
"name": "CVE-2022-48786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48786"
},
{
"name": "CVE-2022-48787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48787"
},
{
"name": "CVE-2022-48793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48793"
},
{
"name": "CVE-2022-48796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48796"
},
{
"name": "CVE-2022-48797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48797"
},
{
"name": "CVE-2022-48799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48799"
},
{
"name": "CVE-2022-48800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48800"
},
{
"name": "CVE-2022-48801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48801"
},
{
"name": "CVE-2022-48802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48802"
},
{
"name": "CVE-2022-48804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48804"
},
{
"name": "CVE-2022-48806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48806"
},
{
"name": "CVE-2022-48809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48809"
},
{
"name": "CVE-2022-48810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48810"
},
{
"name": "CVE-2022-48812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48812"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2022-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48813"
},
{
"name": "CVE-2022-48815",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48815"
},
{
"name": "CVE-2022-48817",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48817"
},
{
"name": "CVE-2022-48818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48818"
},
{
"name": "CVE-2022-48823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48823"
},
{
"name": "CVE-2022-48825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48825"
},
{
"name": "CVE-2022-48830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48830"
},
{
"name": "CVE-2022-48831",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48831"
},
{
"name": "CVE-2022-48834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48834"
},
{
"name": "CVE-2022-48835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48835"
},
{
"name": "CVE-2022-48836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48836"
},
{
"name": "CVE-2022-48837",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48837"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2022-48840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48840"
},
{
"name": "CVE-2022-48843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48843"
},
{
"name": "CVE-2022-48850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48850"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-48858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48858"
},
{
"name": "CVE-2022-48861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48861"
},
{
"name": "CVE-2022-48863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48863"
},
{
"name": "CVE-2022-48864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48864"
},
{
"name": "CVE-2022-48866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48866"
},
{
"name": "CVE-2023-52886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52886"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-39491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39491"
},
{
"name": "CVE-2024-40922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40922"
},
{
"name": "CVE-2024-40930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40930"
},
{
"name": "CVE-2024-40964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40964"
},
{
"name": "CVE-2024-40992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40992"
},
{
"name": "CVE-2024-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41003"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2022-48865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48865"
},
{
"name": "CVE-2022-48875",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48875"
},
{
"name": "CVE-2022-48883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48883"
},
{
"name": "CVE-2022-48886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48886"
},
{
"name": "CVE-2022-48889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48889"
},
{
"name": "CVE-2022-48890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48890"
},
{
"name": "CVE-2022-48896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48896"
},
{
"name": "CVE-2022-48899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48899"
},
{
"name": "CVE-2022-48912",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48912"
},
{
"name": "CVE-2022-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48913"
},
{
"name": "CVE-2022-48914",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48914"
},
{
"name": "CVE-2022-48915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48915"
},
{
"name": "CVE-2022-48921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48921"
},
{
"name": "CVE-2022-48929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48929"
},
{
"name": "CVE-2022-48931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48931"
},
{
"name": "CVE-2022-48934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48934"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2022-48939",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48939"
},
{
"name": "CVE-2022-48942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48942"
},
{
"name": "CVE-2023-52859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52859"
},
{
"name": "CVE-2023-52898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52898"
},
{
"name": "CVE-2023-52901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52901"
},
{
"name": "CVE-2023-52905",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52905"
},
{
"name": "CVE-2023-52906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52906"
},
{
"name": "CVE-2023-52908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52908"
},
{
"name": "CVE-2023-52909",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52909"
},
{
"name": "CVE-2023-52910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52910"
},
{
"name": "CVE-2024-26637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26637"
},
{
"name": "CVE-2024-26682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26682"
},
{
"name": "CVE-2024-26683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26683"
},
{
"name": "CVE-2024-36970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36970"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-42107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42107"
},
{
"name": "CVE-2024-42125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42125"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42139"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42268"
},
{
"name": "CVE-2024-42278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42278"
},
{
"name": "CVE-2024-42291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42291"
},
{
"name": "CVE-2024-42315",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42315"
},
{
"name": "CVE-2024-42316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42316"
},
{
"name": "CVE-2024-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43816"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43821"
},
{
"name": "CVE-2024-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43826"
},
{
"name": "CVE-2024-43840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43840"
},
{
"name": "CVE-2024-43842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43842"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43874"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2022-48944",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48944"
},
{
"name": "CVE-2024-42294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42294"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-44967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44967"
},
{
"name": "CVE-2024-44984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44984"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2024-45005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45005"
},
{
"name": "CVE-2024-45012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45012"
},
{
"name": "CVE-2024-45013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45013"
},
{
"name": "CVE-2024-45017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45017"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46672"
},
{
"name": "CVE-2024-46692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46692"
},
{
"name": "CVE-2024-46706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46706"
},
{
"name": "CVE-2024-46709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46709"
},
{
"name": "CVE-2024-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46710"
},
{
"name": "CVE-2024-46767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46767"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2024-46797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46797"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-26721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26721"
},
{
"name": "CVE-2024-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54121"
},
{
"name": "CVE-2012-2114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2114"
},
{
"name": "CVE-2021-46937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46937"
},
{
"name": "CVE-2021-46999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46999"
},
{
"name": "CVE-2021-47033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47033"
},
{
"name": "CVE-2021-47079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47079"
},
{
"name": "CVE-2021-47092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47092"
},
{
"name": "CVE-2021-47226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47226"
},
{
"name": "CVE-2021-47251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47251"
},
{
"name": "CVE-2021-47266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47266"
},
{
"name": "CVE-2021-47318",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47318"
},
{
"name": "CVE-2021-47325",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47325"
},
{
"name": "CVE-2021-47346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47346"
},
{
"name": "CVE-2021-47349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47349"
},
{
"name": "CVE-2021-47519",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47519"
},
{
"name": "CVE-2021-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47561"
},
{
"name": "CVE-2021-47613",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47613"
},
{
"name": "CVE-2022-1247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1247"
},
{
"name": "CVE-2022-20153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20153"
},
{
"name": "CVE-2022-48641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48641"
},
{
"name": "CVE-2022-48643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48643"
},
{
"name": "CVE-2022-48707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48707"
},
{
"name": "CVE-2022-48719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48719"
},
{
"name": "CVE-2022-48781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48781"
},
{
"name": "CVE-2022-48819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48819"
},
{
"name": "CVE-2022-48832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48832"
},
{
"name": "CVE-2022-48848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48848"
},
{
"name": "CVE-2022-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48876"
},
{
"name": "CVE-2022-48963",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48963"
},
{
"name": "CVE-2022-48974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48974"
},
{
"name": "CVE-2022-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48976"
},
{
"name": "CVE-2022-48984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48984"
},
{
"name": "CVE-2022-48986",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48986"
},
{
"name": "CVE-2022-49013",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49013"
},
{
"name": "CVE-2022-49018",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49018"
},
{
"name": "CVE-2022-49048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49048"
},
{
"name": "CVE-2022-49049",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49049"
},
{
"name": "CVE-2022-49052",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49052"
},
{
"name": "CVE-2022-49072",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49072"
},
{
"name": "CVE-2022-49077",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49077"
},
{
"name": "CVE-2022-49094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49094"
},
{
"name": "CVE-2022-49152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49152"
},
{
"name": "CVE-2022-49198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49198"
},
{
"name": "CVE-2022-49229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49229"
},
{
"name": "CVE-2022-49231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49231"
},
{
"name": "CVE-2022-49334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49334"
},
{
"name": "CVE-2022-49340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49340"
},
{
"name": "CVE-2022-49374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49374"
},
{
"name": "CVE-2022-49401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49401"
},
{
"name": "CVE-2022-49403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49403"
},
{
"name": "CVE-2022-49450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49450"
},
{
"name": "CVE-2022-49554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49554"
},
{
"name": "CVE-2022-49557",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49557"
},
{
"name": "CVE-2022-49567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49567"
},
{
"name": "CVE-2022-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49571"
},
{
"name": "CVE-2022-49572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49572"
},
{
"name": "CVE-2022-49573",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49573"
},
{
"name": "CVE-2022-49574",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49574"
},
{
"name": "CVE-2022-49575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49575"
},
{
"name": "CVE-2022-49577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49577"
},
{
"name": "CVE-2022-49580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49580"
},
{
"name": "CVE-2022-49585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49585"
},
{
"name": "CVE-2022-49586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49586"
},
{
"name": "CVE-2022-49587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49587"
},
{
"name": "CVE-2022-49593",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49593"
},
{
"name": "CVE-2022-49594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49594"
},
{
"name": "CVE-2022-49595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49595"
},
{
"name": "CVE-2022-49596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49596"
},
{
"name": "CVE-2022-49597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49597"
},
{
"name": "CVE-2022-49598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49598"
},
{
"name": "CVE-2022-49599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49599"
},
{
"name": "CVE-2022-49600",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49600"
},
{
"name": "CVE-2022-49601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49601"
},
{
"name": "CVE-2022-49602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49602"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2022-49612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49612"
},
{
"name": "CVE-2022-49629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49629"
},
{
"name": "CVE-2022-49633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49633"
},
{
"name": "CVE-2022-49637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49637"
},
{
"name": "CVE-2022-49639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49639"
},
{
"name": "CVE-2022-49659",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49659"
},
{
"name": "CVE-2022-49662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49662"
},
{
"name": "CVE-2022-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49691"
},
{
"name": "CVE-2022-49744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49744"
},
{
"name": "CVE-2022-49747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49747"
},
{
"name": "CVE-2022-49752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49752"
},
{
"name": "CVE-2022-49754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49754"
},
{
"name": "CVE-2022-49760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49760"
},
{
"name": "CVE-2023-31082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31082"
},
{
"name": "CVE-2023-52516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52516"
},
{
"name": "CVE-2023-52568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52568"
},
{
"name": "CVE-2023-52570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52570"
},
{
"name": "CVE-2023-52689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52689"
},
{
"name": "CVE-2023-52704",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52704"
},
{
"name": "CVE-2023-52706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52706"
},
{
"name": "CVE-2023-52828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52828"
},
{
"name": "CVE-2023-52902",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52902"
},
{
"name": "CVE-2023-52932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52932"
},
{
"name": "CVE-2023-52934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52934"
},
{
"name": "CVE-2023-52940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52940"
},
{
"name": "CVE-2023-52942",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52942"
},
{
"name": "CVE-2023-52977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52977"
},
{
"name": "CVE-2023-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52985"
},
{
"name": "CVE-2023-52987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52987"
},
{
"name": "CVE-2023-52991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52991"
},
{
"name": "CVE-2023-53004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53004"
},
{
"name": "CVE-2023-53017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53017"
},
{
"name": "CVE-2024-23196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23196"
},
{
"name": "CVE-2024-26678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26678"
},
{
"name": "CVE-2024-26725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26725"
},
{
"name": "CVE-2024-26746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26746"
},
{
"name": "CVE-2024-26918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26918"
},
{
"name": "CVE-2024-27023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27023"
},
{
"name": "CVE-2024-40907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40907"
},
{
"name": "CVE-2024-43896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43896"
},
{
"name": "CVE-2024-46748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46748"
},
{
"name": "CVE-2024-46862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46862"
},
{
"name": "CVE-2024-53073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53073"
},
{
"name": "CVE-2024-53225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53225"
},
{
"name": "CVE-2024-56668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56668"
},
{
"name": "CVE-2024-57852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57852"
},
{
"name": "CVE-2024-57914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57914"
},
{
"name": "CVE-2024-57985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57985"
},
{
"name": "CVE-2024-57989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57989"
},
{
"name": "CVE-2024-58064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58064"
},
{
"name": "CVE-2024-58075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58075"
},
{
"name": "CVE-2024-58084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58084"
},
{
"name": "CVE-2025-21709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21709"
},
{
"name": "CVE-2025-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21807"
},
{
"name": "CVE-2025-21817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21817"
},
{
"name": "CVE-2025-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21827"
},
{
"name": "CVE-2025-21851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21851"
},
{
"name": "CVE-2025-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21874"
},
{
"name": "CVE-2025-21907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21907"
},
{
"name": "CVE-2025-21921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21921"
},
{
"name": "CVE-2025-24357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24357"
},
{
"name": "CVE-2025-25183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25183"
},
{
"name": "CVE-2025-29770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29770"
},
{
"name": "CVE-2025-30165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30165"
},
{
"name": "CVE-2025-30202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30202"
},
{
"name": "CVE-2025-32381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32381"
},
{
"name": "CVE-2025-32444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32444"
},
{
"name": "CVE-2025-46570",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46570"
},
{
"name": "CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"name": "CVE-2025-48887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48887"
},
{
"name": "CVE-2025-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48956"
},
{
"name": "CVE-2025-57809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57809"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2022-48879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48879"
},
{
"name": "CVE-2022-48946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48946"
},
{
"name": "CVE-2022-48951",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48951"
},
{
"name": "CVE-2022-48953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48953"
},
{
"name": "CVE-2022-48969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48969"
},
{
"name": "CVE-2022-48971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48971"
},
{
"name": "CVE-2022-48972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48972"
},
{
"name": "CVE-2022-48978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48978"
},
{
"name": "CVE-2022-48981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48981"
},
{
"name": "CVE-2022-48985",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48985"
},
{
"name": "CVE-2022-48987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48987"
},
{
"name": "CVE-2022-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48988"
},
{
"name": "CVE-2022-48992",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48992"
},
{
"name": "CVE-2022-48994",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48994"
},
{
"name": "CVE-2022-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48997"
},
{
"name": "CVE-2022-49005",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49005"
},
{
"name": "CVE-2022-49006",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49006"
},
{
"name": "CVE-2022-49011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49011"
},
{
"name": "CVE-2022-49012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49012"
},
{
"name": "CVE-2022-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49014"
},
{
"name": "CVE-2022-49015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49015"
},
{
"name": "CVE-2022-49017",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49017"
},
{
"name": "CVE-2022-49021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49021"
},
{
"name": "CVE-2022-49022",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49022"
},
{
"name": "CVE-2022-49024",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49024"
},
{
"name": "CVE-2022-49027",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49027"
},
{
"name": "CVE-2022-49028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49028"
},
{
"name": "CVE-2022-49029",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49029"
},
{
"name": "CVE-2024-44932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44932"
},
{
"name": "CVE-2024-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44964"
},
{
"name": "CVE-2024-46766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46766"
},
{
"name": "CVE-2024-46825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46825"
},
{
"name": "CVE-2024-46864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46864"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-47675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47675"
},
{
"name": "CVE-2024-47682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47682"
},
{
"name": "CVE-2024-47687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47687"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-47702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47702"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-47719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47719"
},
{
"name": "CVE-2024-47727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47727"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-49862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49862"
},
{
"name": "CVE-2024-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49864"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49870"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-49953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49953"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50020"
},
{
"name": "CVE-2024-50021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50021"
},
{
"name": "CVE-2024-50022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50022"
},
{
"name": "CVE-2024-50023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50023"
},
{
"name": "CVE-2024-50027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50027"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-50042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50042"
},
{
"name": "CVE-2024-50060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50060"
},
{
"name": "CVE-2024-50064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50064"
},
{
"name": "CVE-2024-50074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50074"
},
{
"name": "CVE-2024-50075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50075"
},
{
"name": "CVE-2024-50076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50076"
},
{
"name": "CVE-2024-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50077"
},
{
"name": "CVE-2024-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50078"
},
{
"name": "CVE-2024-50081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50081"
},
{
"name": "CVE-2024-46824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46824"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
},
{
"name": "CVE-2024-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
},
{
"name": "CVE-2024-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
},
{
"name": "CVE-2024-50259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
},
{
"name": "CVE-2024-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
},
{
"name": "CVE-2024-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2024-53055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2024-53072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
},
{
"name": "CVE-2024-53082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
},
{
"name": "CVE-2024-50226",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50226"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-44994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44994"
},
{
"name": "CVE-2024-50110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50110"
},
{
"name": "CVE-2024-42317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42317"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-43888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43888"
},
{
"name": "CVE-2024-43910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43910"
},
{
"name": "CVE-2024-44975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44975"
},
{
"name": "CVE-2024-44996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44996"
},
{
"name": "CVE-2024-45027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45027"
},
{
"name": "CVE-2024-46697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46697"
},
{
"name": "CVE-2024-46698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46698"
},
{
"name": "CVE-2024-46788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46788"
},
{
"name": "CVE-2024-46793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46793"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2022-48982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48982"
},
{
"name": "CVE-2022-48983",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48983"
},
{
"name": "CVE-2022-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48989"
},
{
"name": "CVE-2023-52778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52778"
},
{
"name": "CVE-2024-49976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49976"
},
{
"name": "CVE-2024-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50101"
},
{
"name": "CVE-2024-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50102"
},
{
"name": "CVE-2024-50121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50121"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-50128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50128"
},
{
"name": "CVE-2024-50136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50136"
},
{
"name": "CVE-2024-50139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50139"
},
{
"name": "CVE-2024-50141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50141"
},
{
"name": "CVE-2024-50145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50145"
},
{
"name": "CVE-2024-50146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50146"
},
{
"name": "CVE-2024-50147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50147"
},
{
"name": "CVE-2024-50153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50153"
},
{
"name": "CVE-2024-50155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50155"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2024-50158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50158"
},
{
"name": "CVE-2024-50160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50160"
},
{
"name": "CVE-2024-50169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50169"
},
{
"name": "CVE-2024-50172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50172"
},
{
"name": "CVE-2024-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50182"
},
{
"name": "CVE-2024-50200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50200"
},
{
"name": "CVE-2024-50216",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50216"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53045"
},
{
"name": "CVE-2024-53048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53048"
},
{
"name": "CVE-2024-53074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53074"
},
{
"name": "CVE-2024-53085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53085"
},
{
"name": "CVE-2024-53110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53110"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53097"
},
{
"name": "CVE-2024-53113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53113"
},
{
"name": "CVE-2024-53120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53120"
},
{
"name": "CVE-2024-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53123"
},
{
"name": "CVE-2024-53136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53136"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-53105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53105"
},
{
"name": "CVE-2024-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53117"
},
{
"name": "CVE-2024-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53118"
},
{
"name": "CVE-2024-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53134"
},
{
"name": "CVE-2024-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53151"
},
{
"name": "CVE-2024-53160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53160"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-53169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53169"
},
{
"name": "CVE-2024-53202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53202"
},
{
"name": "CVE-2024-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53206"
},
{
"name": "CVE-2024-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53207"
},
{
"name": "CVE-2024-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53208"
},
{
"name": "CVE-2024-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53213"
},
{
"name": "CVE-2024-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53215"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2024-53229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53229"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-56667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56667"
},
{
"name": "CVE-2024-56752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56752"
},
{
"name": "CVE-2024-48873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48873"
},
{
"name": "CVE-2024-49951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49951"
},
{
"name": "CVE-2024-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53091"
},
{
"name": "CVE-2024-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53170"
},
{
"name": "CVE-2024-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53175"
},
{
"name": "CVE-2024-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53185"
},
{
"name": "CVE-2024-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53230"
},
{
"name": "CVE-2024-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53231"
},
{
"name": "CVE-2024-53232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53232"
},
{
"name": "CVE-2024-53236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53236"
},
{
"name": "CVE-2024-55881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55881"
},
{
"name": "CVE-2024-56372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56372"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53238"
},
{
"name": "CVE-2024-56617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56617"
},
{
"name": "CVE-2024-56625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56625"
},
{
"name": "CVE-2024-56632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56632"
},
{
"name": "CVE-2024-56654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56654"
},
{
"name": "CVE-2024-56663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56663"
},
{
"name": "CVE-2024-56675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56675"
},
{
"name": "CVE-2024-56708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56708"
},
{
"name": "CVE-2024-56709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56709"
},
{
"name": "CVE-2024-56729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56729"
},
{
"name": "CVE-2024-56745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56745"
},
{
"name": "CVE-2024-56760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56760"
},
{
"name": "CVE-2024-56765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56765"
},
{
"name": "CVE-2024-57793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57793"
},
{
"name": "CVE-2024-57804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57804"
},
{
"name": "CVE-2024-57932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57932"
},
{
"name": "CVE-2024-57933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57933"
},
{
"name": "CVE-2024-57936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57936"
},
{
"name": "CVE-2025-21645",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21645"
},
{
"name": "CVE-2025-21649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21649"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-56679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56679"
},
{
"name": "CVE-2024-56707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56707"
},
{
"name": "CVE-2024-56725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56725"
},
{
"name": "CVE-2024-56726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56726"
},
{
"name": "CVE-2024-56727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56727"
},
{
"name": "CVE-2024-57882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57882"
},
{
"name": "CVE-2024-57917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57917"
},
{
"name": "CVE-2025-21663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21663"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2024-50164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50164"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2021-47222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47222"
},
{
"name": "CVE-2021-47223",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47223"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2024-47700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47700"
},
{
"name": "CVE-2024-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49880"
},
{
"name": "CVE-2024-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49885"
},
{
"name": "CVE-2024-49999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49999"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50107"
},
{
"name": "CVE-2024-50109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50109"
},
{
"name": "CVE-2024-50114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50114"
},
{
"name": "CVE-2024-50120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50120"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50165"
},
{
"name": "CVE-2024-50197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50197"
},
{
"name": "CVE-2024-50207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50207"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50303"
},
{
"name": "CVE-2024-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53044"
},
{
"name": "CVE-2024-53109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53109"
},
{
"name": "CVE-2024-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53167"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53189"
},
{
"name": "CVE-2024-56535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56535"
},
{
"name": "CVE-2024-56545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56545"
},
{
"name": "CVE-2024-56696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56696"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56742"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2024-56783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56783"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2024-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48876"
},
{
"name": "CVE-2024-53681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53681"
},
{
"name": "CVE-2024-54460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54460"
},
{
"name": "CVE-2024-55642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55642"
},
{
"name": "CVE-2024-56613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56613"
},
{
"name": "CVE-2024-56624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56624"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56653",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56653"
},
{
"name": "CVE-2024-56657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56657"
},
{
"name": "CVE-2024-56669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56669"
},
{
"name": "CVE-2024-56710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56710"
},
{
"name": "CVE-2024-56714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56714"
},
{
"name": "CVE-2024-56772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56772"
},
{
"name": "CVE-2024-56773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56773"
},
{
"name": "CVE-2024-57878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57878"
},
{
"name": "CVE-2024-57879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57879"
},
{
"name": "CVE-2024-57885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57885"
},
{
"name": "CVE-2025-21644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21644"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2022-49220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49220"
},
{
"name": "CVE-2022-49372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49372"
},
{
"name": "CVE-2022-49578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49578"
},
{
"name": "CVE-2022-49589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49589"
},
{
"name": "CVE-2022-49620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49620"
},
{
"name": "CVE-2023-52997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52997"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58074"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2024-57987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57987"
},
{
"name": "CVE-2024-57988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57988"
},
{
"name": "CVE-2024-57995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57995"
},
{
"name": "CVE-2024-58015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58015"
},
{
"name": "CVE-2024-58062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58062"
},
{
"name": "CVE-2025-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21713"
},
{
"name": "CVE-2025-21770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21770"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2021-47316",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47316"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
}
],
"initial_release_date": "2025-12-02T00:00:00",
"last_revision_date": "2025-12-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1057",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36560",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36560"
},
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36564",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36564"
}
]
}
CERTFR-2025-AVI-1057
Vulnerability from certfr_avis - Published: 2025-12-02 - Updated: 2025-12-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 16.x antérieures à 16.11.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 14.x antérieures à 14.20.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 17.x antérieures à 17.7.0 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.1 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 18.x antérieures à 18.1.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 15.x antérieures à 15.15.0 | ||
| VMware | Tanzu Data Intelligence | Tanzu pour Postgres versions 13.x antérieures à 13.23.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tanzu pour Postgres versions 16.x ant\u00e9rieures \u00e0 16.11.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 14.x ant\u00e9rieures \u00e0 14.20.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 17.x ant\u00e9rieures \u00e0 17.7.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.1",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 18.x ant\u00e9rieures \u00e0 18.1.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 15.x ant\u00e9rieures \u00e0 15.15.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu pour Postgres versions 13.x ant\u00e9rieures \u00e0 13.23.0",
"product": {
"name": "Tanzu Data Intelligence",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2021-20227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20227"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2022-23960",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23960"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-3629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3629"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2022-3633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3633"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2022-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3903"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-26878",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26878"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-1974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1974"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-20154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20154"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-27672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27672"
},
{
"name": "CVE-2023-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0045"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-28410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28410"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27779",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27779"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2022-30115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30115"
},
{
"name": "CVE-2023-1380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1380"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2022-3534",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3534"
},
{
"name": "CVE-2023-2156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2156"
},
{
"name": "CVE-2023-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3006"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2021-31239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31239"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-4387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4387"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2023-31085",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31085"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2019-17498",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17498"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-52467",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52467"
},
{
"name": "CVE-2023-52451",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52451"
},
{
"name": "CVE-2023-52445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52445"
},
{
"name": "CVE-2024-26598",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26598"
},
{
"name": "CVE-2023-52462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52462"
},
{
"name": "CVE-2023-52469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52469"
},
{
"name": "CVE-2023-52470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52470"
},
{
"name": "CVE-2023-52464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52464"
},
{
"name": "CVE-2023-52475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52475"
},
{
"name": "CVE-2023-52478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52478"
},
{
"name": "CVE-2024-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26603"
},
{
"name": "CVE-2023-52452",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52452"
},
{
"name": "CVE-2023-52532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52532"
},
{
"name": "CVE-2019-25162",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25162"
},
{
"name": "CVE-2021-46904",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46904"
},
{
"name": "CVE-2024-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24855"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2024-26631",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26631"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2023-52501",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52501"
},
{
"name": "CVE-2023-52519",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52519"
},
{
"name": "CVE-2024-26717",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26717"
},
{
"name": "CVE-2024-26670",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26670"
},
{
"name": "CVE-2023-52477",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52477"
},
{
"name": "CVE-2023-52528",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52528"
},
{
"name": "CVE-2023-52582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52582"
},
{
"name": "CVE-2021-47098",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47098"
},
{
"name": "CVE-2023-52513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52513"
},
{
"name": "CVE-2024-22099",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22099"
},
{
"name": "CVE-2021-47097",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47097"
},
{
"name": "CVE-2023-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52520"
},
{
"name": "CVE-2023-7042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7042"
},
{
"name": "CVE-2023-52523",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52523"
},
{
"name": "CVE-2024-26803",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26803"
},
{
"name": "CVE-2024-24858",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24858"
},
{
"name": "CVE-2024-24857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24857"
},
{
"name": "CVE-2024-26660",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26660"
},
{
"name": "CVE-2024-26760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26760"
},
{
"name": "CVE-2024-26681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26681"
},
{
"name": "CVE-2024-26815",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26815"
},
{
"name": "CVE-2024-26621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26621"
},
{
"name": "CVE-2024-26714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26714"
},
{
"name": "CVE-2024-26761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26761"
},
{
"name": "CVE-2024-26742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26742"
},
{
"name": "CVE-2021-47020",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47020"
},
{
"name": "CVE-2021-47017",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47017"
},
{
"name": "CVE-2021-46984",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46984"
},
{
"name": "CVE-2021-47071",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47071"
},
{
"name": "CVE-2021-47202",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47202"
},
{
"name": "CVE-2024-26605",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26605"
},
{
"name": "CVE-2024-26989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26989"
},
{
"name": "CVE-2024-27003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27003"
},
{
"name": "CVE-2024-26987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26987"
},
{
"name": "CVE-2024-27015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27015"
},
{
"name": "CVE-2024-27014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27014"
},
{
"name": "CVE-2024-26992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26992"
},
{
"name": "CVE-2023-52468",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52468"
},
{
"name": "CVE-2023-52487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52487"
},
{
"name": "CVE-2024-26618",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26618"
},
{
"name": "CVE-2023-52490",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52490"
},
{
"name": "CVE-2023-52455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52455"
},
{
"name": "CVE-2023-52472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52472"
},
{
"name": "CVE-2023-52643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52643"
},
{
"name": "CVE-2024-26649",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26649"
},
{
"name": "CVE-2023-52473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52473"
},
{
"name": "CVE-2023-52465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52465"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2024-27042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27042"
},
{
"name": "CVE-2021-47197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47197"
},
{
"name": "CVE-2021-47196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47196"
},
{
"name": "CVE-2022-48702",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48702"
},
{
"name": "CVE-2022-48701",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48701"
},
{
"name": "CVE-2022-48694",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48694"
},
{
"name": "CVE-2022-48644",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48644"
},
{
"name": "CVE-2021-47217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47217"
},
{
"name": "CVE-2022-48653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48653"
},
{
"name": "CVE-2021-47214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47214"
},
{
"name": "CVE-2022-48672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48672"
},
{
"name": "CVE-2022-48657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48657"
},
{
"name": "CVE-2022-48652",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48652"
},
{
"name": "CVE-2022-48658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48658"
},
{
"name": "CVE-2021-47210",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47210"
},
{
"name": "CVE-2022-48662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48662"
},
{
"name": "CVE-2022-48639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48639"
},
{
"name": "CVE-2023-52646",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52646"
},
{
"name": "CVE-2022-48640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48640"
},
{
"name": "CVE-2024-26933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26933"
},
{
"name": "CVE-2021-47215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47215"
},
{
"name": "CVE-2021-47074",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47074"
},
{
"name": "CVE-2021-47041",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47041"
},
{
"name": "CVE-2024-27039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27039"
},
{
"name": "CVE-2022-48704",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48704"
},
{
"name": "CVE-2022-48675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48675"
},
{
"name": "CVE-2022-48690",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48690"
},
{
"name": "CVE-2021-47191",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47191"
},
{
"name": "CVE-2022-48637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48637"
},
{
"name": "CVE-2022-48632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48632"
},
{
"name": "CVE-2022-48660",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48660"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2023-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52565"
},
{
"name": "CVE-2024-26892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26892"
},
{
"name": "CVE-2024-26964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26964"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2021-47227",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47227"
},
{
"name": "CVE-2021-47237",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47237"
},
{
"name": "CVE-2021-47239",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47239"
},
{
"name": "CVE-2021-47250",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47250"
},
{
"name": "CVE-2021-47261",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47261"
},
{
"name": "CVE-2021-47343",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47343"
},
{
"name": "CVE-2021-47360",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47360"
},
{
"name": "CVE-2021-47365",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47365"
},
{
"name": "CVE-2021-47373",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47373"
},
{
"name": "CVE-2021-47393",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47393"
},
{
"name": "CVE-2021-47398",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47398"
},
{
"name": "CVE-2021-47404",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47404"
},
{
"name": "CVE-2021-47420",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47420"
},
{
"name": "CVE-2021-47422",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47422"
},
{
"name": "CVE-2021-47426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47426"
},
{
"name": "CVE-2021-47428",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47428"
},
{
"name": "CVE-2021-47429",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47429"
},
{
"name": "CVE-2021-47430",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47430"
},
{
"name": "CVE-2021-47438",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47438"
},
{
"name": "CVE-2021-47444",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47444"
},
{
"name": "CVE-2021-47454",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47454"
},
{
"name": "CVE-2021-47457",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47457"
},
{
"name": "CVE-2021-47465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47465"
},
{
"name": "CVE-2021-47481",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47481"
},
{
"name": "CVE-2021-47483",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47483"
},
{
"name": "CVE-2021-47490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47490"
},
{
"name": "CVE-2021-47495",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47495"
},
{
"name": "CVE-2021-47497",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47497"
},
{
"name": "CVE-2021-47499",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47499"
},
{
"name": "CVE-2021-47500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47500"
},
{
"name": "CVE-2021-47505",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47505"
},
{
"name": "CVE-2021-47516",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47516"
},
{
"name": "CVE-2021-47527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47527"
},
{
"name": "CVE-2021-47536",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47536"
},
{
"name": "CVE-2021-47537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47537"
},
{
"name": "CVE-2021-47538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47538"
},
{
"name": "CVE-2021-47550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47550"
},
{
"name": "CVE-2021-47559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47559"
},
{
"name": "CVE-2022-48689",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48689"
},
{
"name": "CVE-2022-48691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48691"
},
{
"name": "CVE-2022-48705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48705"
},
{
"name": "CVE-2022-48709",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48709"
},
{
"name": "CVE-2022-48710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48710"
},
{
"name": "CVE-2023-52654",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52654"
},
{
"name": "CVE-2023-52659",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52659"
},
{
"name": "CVE-2023-52661",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52661"
},
{
"name": "CVE-2023-52662",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52662"
},
{
"name": "CVE-2023-52679",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52679"
},
{
"name": "CVE-2023-52686",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52686"
},
{
"name": "CVE-2023-52690",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52690"
},
{
"name": "CVE-2023-52698",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52698"
},
{
"name": "CVE-2023-52702",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52702"
},
{
"name": "CVE-2023-52703",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52703"
},
{
"name": "CVE-2023-52730",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52730"
},
{
"name": "CVE-2023-52731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52731"
},
{
"name": "CVE-2023-52736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52736"
},
{
"name": "CVE-2023-52739",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52739"
},
{
"name": "CVE-2023-52740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52740"
},
{
"name": "CVE-2023-52743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52743"
},
{
"name": "CVE-2023-52744",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52744"
},
{
"name": "CVE-2023-52747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52747"
},
{
"name": "CVE-2023-52764",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52764"
},
{
"name": "CVE-2023-52781",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52781"
},
{
"name": "CVE-2023-52788",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52788"
},
{
"name": "CVE-2023-52791",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52791"
},
{
"name": "CVE-2023-52795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52795"
},
{
"name": "CVE-2023-52796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52796"
},
{
"name": "CVE-2023-52803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52803"
},
{
"name": "CVE-2023-52806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52806"
},
{
"name": "CVE-2023-52814",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52814"
},
{
"name": "CVE-2023-52817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52817"
},
{
"name": "CVE-2023-52818",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52818"
},
{
"name": "CVE-2023-52833",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52833"
},
{
"name": "CVE-2023-52840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52840"
},
{
"name": "CVE-2023-52851",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52851"
},
{
"name": "CVE-2023-52854",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52854"
},
{
"name": "CVE-2023-52867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52867"
},
{
"name": "CVE-2023-52877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52877"
},
{
"name": "CVE-2024-26838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26838"
},
{
"name": "CVE-2024-35801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35801"
},
{
"name": "CVE-2024-35804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35804"
},
{
"name": "CVE-2024-35860",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35860"
},
{
"name": "CVE-2024-35872",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35872"
},
{
"name": "CVE-2024-35901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35901"
},
{
"name": "CVE-2024-35912",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35912"
},
{
"name": "CVE-2024-35952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35952"
},
{
"name": "CVE-2024-35959",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35959"
},
{
"name": "CVE-2024-35963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35963"
},
{
"name": "CVE-2024-35964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35964"
},
{
"name": "CVE-2024-36012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36012"
},
{
"name": "CVE-2024-36906",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36906"
},
{
"name": "CVE-2024-36918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36918"
},
{
"name": "CVE-2024-36926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36926"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2023-52663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52663"
},
{
"name": "CVE-2023-52675",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52675"
},
{
"name": "CVE-2023-52697",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52697"
},
{
"name": "CVE-2024-26611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26611"
},
{
"name": "CVE-2024-26674",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26674"
},
{
"name": "CVE-2024-26899",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26899"
},
{
"name": "CVE-2024-26990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26990"
},
{
"name": "CVE-2024-27027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27027"
},
{
"name": "CVE-2024-27031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27031"
},
{
"name": "CVE-2024-27057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27057"
},
{
"name": "CVE-2024-35795",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35795"
},
{
"name": "CVE-2024-35810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35810"
},
{
"name": "CVE-2024-35814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35814"
},
{
"name": "CVE-2024-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35824"
},
{
"name": "CVE-2024-35834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35834"
},
{
"name": "CVE-2024-35836",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35836"
},
{
"name": "CVE-2024-35838",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35838"
},
{
"name": "CVE-2024-35891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35891"
},
{
"name": "CVE-2024-35903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35903"
},
{
"name": "CVE-2024-35917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35917"
},
{
"name": "CVE-2024-35927",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35927"
},
{
"name": "CVE-2024-35974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35974"
},
{
"name": "CVE-2024-35981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35981"
},
{
"name": "CVE-2024-35991",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35991"
},
{
"name": "CVE-2024-36002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36002"
},
{
"name": "CVE-2024-36011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36011"
},
{
"name": "CVE-2024-36021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36021"
},
{
"name": "CVE-2024-36891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36891"
},
{
"name": "CVE-2024-36930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36930"
},
{
"name": "CVE-2024-36936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36936"
},
{
"name": "CVE-2024-35983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35983"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2023-52648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52648"
},
{
"name": "CVE-2023-52649",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52649"
},
{
"name": "CVE-2024-26953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26953"
},
{
"name": "CVE-2024-26975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26975"
},
{
"name": "CVE-2024-27026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27026"
},
{
"name": "CVE-2024-27079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27079"
},
{
"name": "CVE-2024-27390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27390"
},
{
"name": "CVE-2024-35787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35787"
},
{
"name": "CVE-2024-35827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35827"
},
{
"name": "CVE-2024-35831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35831"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-52560",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52560"
},
{
"name": "CVE-2023-52813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52813"
},
{
"name": "CVE-2023-52835",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52835"
},
{
"name": "CVE-2023-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52881"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2021-47539",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47539"
},
{
"name": "CVE-2021-47572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47572"
},
{
"name": "CVE-2021-47576",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47576"
},
{
"name": "CVE-2021-47578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47578"
},
{
"name": "CVE-2021-47601",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47601"
},
{
"name": "CVE-2021-47607",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47607"
},
{
"name": "CVE-2021-47609",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47609"
},
{
"name": "CVE-2021-47616",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47616"
},
{
"name": "CVE-2021-47617",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47617"
},
{
"name": "CVE-2021-47620",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47620"
},
{
"name": "CVE-2022-48712",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48712"
},
{
"name": "CVE-2022-48713",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48713"
},
{
"name": "CVE-2022-48714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48714"
},
{
"name": "CVE-2022-48720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48720"
},
{
"name": "CVE-2022-48724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48724"
},
{
"name": "CVE-2022-48725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48725"
},
{
"name": "CVE-2022-48727",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48727"
},
{
"name": "CVE-2022-48728",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48728"
},
{
"name": "CVE-2022-48729",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48729"
},
{
"name": "CVE-2022-48732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48732"
},
{
"name": "CVE-2022-48745",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48745"
},
{
"name": "CVE-2022-48746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48746"
},
{
"name": "CVE-2022-48752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48752"
},
{
"name": "CVE-2022-48760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48760"
},
{
"name": "CVE-2022-48763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48763"
},
{
"name": "CVE-2022-48767",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48767"
},
{
"name": "CVE-2022-48768",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48768"
},
{
"name": "CVE-2022-48769",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48769"
},
{
"name": "CVE-2022-48770",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48770"
},
{
"name": "CVE-2023-52787",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52787"
},
{
"name": "CVE-2023-52837",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52837"
},
{
"name": "CVE-2023-52845",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52845"
},
{
"name": "CVE-2023-52846",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52846"
},
{
"name": "CVE-2024-35979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35979"
},
{
"name": "CVE-2024-36477",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36477"
},
{
"name": "CVE-2024-36937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36937"
},
{
"name": "CVE-2024-36945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36945"
},
{
"name": "CVE-2024-36967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36967"
},
{
"name": "CVE-2024-36975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36975"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2024-24859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24859"
},
{
"name": "CVE-2024-26734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26734"
},
{
"name": "CVE-2024-26818",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26818"
},
{
"name": "CVE-2024-26831",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26831"
},
{
"name": "CVE-2024-27012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27012"
},
{
"name": "CVE-2024-27017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27017"
},
{
"name": "CVE-2024-35880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35880"
},
{
"name": "CVE-2024-35892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35892"
},
{
"name": "CVE-2024-35894",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35894"
},
{
"name": "CVE-2024-35908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35908"
},
{
"name": "CVE-2024-35913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35913"
},
{
"name": "CVE-2024-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35942"
},
{
"name": "CVE-2024-35957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35957"
},
{
"name": "CVE-2024-35980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35980"
},
{
"name": "CVE-2024-39298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39298"
},
{
"name": "CVE-2024-39493",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39493"
},
{
"name": "CVE-2024-39500",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39500"
},
{
"name": "CVE-2024-40900",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40900"
},
{
"name": "CVE-2024-40903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40903"
},
{
"name": "CVE-2024-40908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40908"
},
{
"name": "CVE-2024-40913",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40913"
},
{
"name": "CVE-2024-40919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40919"
},
{
"name": "CVE-2024-40924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40924"
},
{
"name": "CVE-2024-40937",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40937"
},
{
"name": "CVE-2024-40940",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40940"
},
{
"name": "CVE-2024-40948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40948"
},
{
"name": "CVE-2024-40956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40956"
},
{
"name": "CVE-2024-40989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40989"
},
{
"name": "CVE-2024-40994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40994"
},
{
"name": "CVE-2023-52750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52750"
},
{
"name": "CVE-2023-52782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52782"
},
{
"name": "CVE-2023-52786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52786"
},
{
"name": "CVE-2023-52792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52792"
},
{
"name": "CVE-2023-52794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52794"
},
{
"name": "CVE-2023-52842",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52842"
},
{
"name": "CVE-2023-52849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52849"
},
{
"name": "CVE-2023-52866",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52866"
},
{
"name": "CVE-2024-36010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36010"
},
{
"name": "CVE-2024-36882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36882"
},
{
"name": "CVE-2024-36962",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36962"
},
{
"name": "CVE-2024-36977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36977"
},
{
"name": "CVE-2024-38566",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38566"
},
{
"name": "CVE-2024-38629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38629"
},
{
"name": "CVE-2024-39291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39291"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2024-36028",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36028"
},
{
"name": "CVE-2024-36884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36884"
},
{
"name": "CVE-2024-36920",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36920"
},
{
"name": "CVE-2024-36932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36932"
},
{
"name": "CVE-2024-36956",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36956"
},
{
"name": "CVE-2024-36961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36961"
},
{
"name": "CVE-2024-38561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38561"
},
{
"name": "CVE-2024-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38604"
},
{
"name": "CVE-2024-38606",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38606"
},
{
"name": "CVE-2021-47579",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47579"
},
{
"name": "CVE-2022-48757",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48757"
},
{
"name": "CVE-2023-52775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52775"
},
{
"name": "CVE-2023-52885",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52885"
},
{
"name": "CVE-2024-26837",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26837"
},
{
"name": "CVE-2024-27404",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27404"
},
{
"name": "CVE-2024-39479",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39479"
},
{
"name": "CVE-2024-39498",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39498"
},
{
"name": "CVE-2024-40923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40923"
},
{
"name": "CVE-2024-40925",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40925"
},
{
"name": "CVE-2024-6197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6197"
},
{
"name": "CVE-2021-47623",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47623"
},
{
"name": "CVE-2022-48773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48773"
},
{
"name": "CVE-2022-48778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48778"
},
{
"name": "CVE-2022-48780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48780"
},
{
"name": "CVE-2022-48783",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48783"
},
{
"name": "CVE-2022-48784",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48784"
},
{
"name": "CVE-2022-48785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48785"
},
{
"name": "CVE-2022-48786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48786"
},
{
"name": "CVE-2022-48787",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48787"
},
{
"name": "CVE-2022-48793",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48793"
},
{
"name": "CVE-2022-48796",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48796"
},
{
"name": "CVE-2022-48797",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48797"
},
{
"name": "CVE-2022-48799",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48799"
},
{
"name": "CVE-2022-48800",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48800"
},
{
"name": "CVE-2022-48801",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48801"
},
{
"name": "CVE-2022-48802",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48802"
},
{
"name": "CVE-2022-48804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48804"
},
{
"name": "CVE-2022-48806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48806"
},
{
"name": "CVE-2022-48809",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48809"
},
{
"name": "CVE-2022-48810",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48810"
},
{
"name": "CVE-2022-48812",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48812"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-59425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59425"
},
{
"name": "CVE-2022-48813",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48813"
},
{
"name": "CVE-2022-48815",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48815"
},
{
"name": "CVE-2022-48817",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48817"
},
{
"name": "CVE-2022-48818",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48818"
},
{
"name": "CVE-2022-48823",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48823"
},
{
"name": "CVE-2022-48825",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48825"
},
{
"name": "CVE-2022-48830",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48830"
},
{
"name": "CVE-2022-48831",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48831"
},
{
"name": "CVE-2022-48834",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48834"
},
{
"name": "CVE-2022-48835",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48835"
},
{
"name": "CVE-2022-48836",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48836"
},
{
"name": "CVE-2022-48837",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48837"
},
{
"name": "CVE-2022-48839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48839"
},
{
"name": "CVE-2022-48840",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48840"
},
{
"name": "CVE-2022-48843",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48843"
},
{
"name": "CVE-2022-48850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48850"
},
{
"name": "CVE-2022-48853",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48853"
},
{
"name": "CVE-2022-48858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48858"
},
{
"name": "CVE-2022-48861",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48861"
},
{
"name": "CVE-2022-48863",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48863"
},
{
"name": "CVE-2022-48864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48864"
},
{
"name": "CVE-2022-48866",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48866"
},
{
"name": "CVE-2023-52886",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52886"
},
{
"name": "CVE-2024-41057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41057"
},
{
"name": "CVE-2024-41058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41058"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2024-38632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38632"
},
{
"name": "CVE-2024-39491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39491"
},
{
"name": "CVE-2024-40922",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40922"
},
{
"name": "CVE-2024-40930",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40930"
},
{
"name": "CVE-2024-40964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40964"
},
{
"name": "CVE-2024-40992",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40992"
},
{
"name": "CVE-2024-41003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41003"
},
{
"name": "CVE-2024-41047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41047"
},
{
"name": "CVE-2024-42085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42085"
},
{
"name": "CVE-2024-42109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42109"
},
{
"name": "CVE-2024-42240",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42240"
},
{
"name": "CVE-2021-47517",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47517"
},
{
"name": "CVE-2022-48865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48865"
},
{
"name": "CVE-2022-48875",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48875"
},
{
"name": "CVE-2022-48883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48883"
},
{
"name": "CVE-2022-48886",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48886"
},
{
"name": "CVE-2022-48889",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48889"
},
{
"name": "CVE-2022-48890",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48890"
},
{
"name": "CVE-2022-48896",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48896"
},
{
"name": "CVE-2022-48899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48899"
},
{
"name": "CVE-2022-48912",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48912"
},
{
"name": "CVE-2022-48913",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48913"
},
{
"name": "CVE-2022-48914",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48914"
},
{
"name": "CVE-2022-48915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48915"
},
{
"name": "CVE-2022-48921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48921"
},
{
"name": "CVE-2022-48929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48929"
},
{
"name": "CVE-2022-48931",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48931"
},
{
"name": "CVE-2022-48934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48934"
},
{
"name": "CVE-2022-48938",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48938"
},
{
"name": "CVE-2022-48939",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48939"
},
{
"name": "CVE-2022-48942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48942"
},
{
"name": "CVE-2023-52859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52859"
},
{
"name": "CVE-2023-52898",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52898"
},
{
"name": "CVE-2023-52901",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52901"
},
{
"name": "CVE-2023-52905",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52905"
},
{
"name": "CVE-2023-52906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52906"
},
{
"name": "CVE-2023-52908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52908"
},
{
"name": "CVE-2023-52909",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52909"
},
{
"name": "CVE-2023-52910",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52910"
},
{
"name": "CVE-2024-26637",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26637"
},
{
"name": "CVE-2024-26682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26682"
},
{
"name": "CVE-2024-26683",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26683"
},
{
"name": "CVE-2024-36970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-36970"
},
{
"name": "CVE-2024-39486",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39486"
},
{
"name": "CVE-2024-41010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41010"
},
{
"name": "CVE-2024-41032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41032"
},
{
"name": "CVE-2024-41037",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41037"
},
{
"name": "CVE-2024-41038",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41038"
},
{
"name": "CVE-2024-41039",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41039"
},
{
"name": "CVE-2024-41045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41045"
},
{
"name": "CVE-2024-41056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41056"
},
{
"name": "CVE-2024-41084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41084"
},
{
"name": "CVE-2024-41094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41094"
},
{
"name": "CVE-2024-42107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42107"
},
{
"name": "CVE-2024-42125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42125"
},
{
"name": "CVE-2024-42132",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42132"
},
{
"name": "CVE-2024-42133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42133"
},
{
"name": "CVE-2024-42138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42138"
},
{
"name": "CVE-2024-42139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42139"
},
{
"name": "CVE-2024-42141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42141"
},
{
"name": "CVE-2024-42238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42238"
},
{
"name": "CVE-2024-42239",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42239"
},
{
"name": "CVE-2024-42241",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42241"
},
{
"name": "CVE-2024-42245",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42245"
},
{
"name": "CVE-2024-42268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42268"
},
{
"name": "CVE-2024-42278",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42278"
},
{
"name": "CVE-2024-42291",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42291"
},
{
"name": "CVE-2024-42315",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42315"
},
{
"name": "CVE-2024-42316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42316"
},
{
"name": "CVE-2024-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43816"
},
{
"name": "CVE-2024-43817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43817"
},
{
"name": "CVE-2024-43821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43821"
},
{
"name": "CVE-2024-43826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43826"
},
{
"name": "CVE-2024-43840",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43840"
},
{
"name": "CVE-2024-43842",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43842"
},
{
"name": "CVE-2024-43873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43873"
},
{
"name": "CVE-2024-43874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43874"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2024-41031",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41031"
},
{
"name": "CVE-2024-42243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42243"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2024-44983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44983"
},
{
"name": "CVE-2024-44986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44986"
},
{
"name": "CVE-2024-45000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45000"
},
{
"name": "CVE-2024-45010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45010"
},
{
"name": "CVE-2024-45019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45019"
},
{
"name": "CVE-2024-45022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45022"
},
{
"name": "CVE-2024-45029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45029"
},
{
"name": "CVE-2024-46711",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46711"
},
{
"name": "CVE-2024-46784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46784"
},
{
"name": "CVE-2024-46830",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46830"
},
{
"name": "CVE-2022-48944",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48944"
},
{
"name": "CVE-2024-42294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42294"
},
{
"name": "CVE-2024-43870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43870"
},
{
"name": "CVE-2024-44967",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44967"
},
{
"name": "CVE-2024-44984",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44984"
},
{
"name": "CVE-2024-45001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45001"
},
{
"name": "CVE-2024-45005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45005"
},
{
"name": "CVE-2024-45012",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45012"
},
{
"name": "CVE-2024-45013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45013"
},
{
"name": "CVE-2024-45017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45017"
},
{
"name": "CVE-2024-45020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45020"
},
{
"name": "CVE-2024-46672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46672"
},
{
"name": "CVE-2024-46692",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46692"
},
{
"name": "CVE-2024-46706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46706"
},
{
"name": "CVE-2024-46709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46709"
},
{
"name": "CVE-2024-46710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46710"
},
{
"name": "CVE-2024-46767",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46767"
},
{
"name": "CVE-2024-46786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46786"
},
{
"name": "CVE-2024-46797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46797"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2024-41085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41085"
},
{
"name": "CVE-2024-26721",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26721"
},
{
"name": "CVE-2024-42258",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42258"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-54121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54121"
},
{
"name": "CVE-2012-2114",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2114"
},
{
"name": "CVE-2021-46937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46937"
},
{
"name": "CVE-2021-46999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46999"
},
{
"name": "CVE-2021-47033",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47033"
},
{
"name": "CVE-2021-47079",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47079"
},
{
"name": "CVE-2021-47092",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47092"
},
{
"name": "CVE-2021-47226",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47226"
},
{
"name": "CVE-2021-47251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47251"
},
{
"name": "CVE-2021-47266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47266"
},
{
"name": "CVE-2021-47318",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47318"
},
{
"name": "CVE-2021-47325",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47325"
},
{
"name": "CVE-2021-47346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47346"
},
{
"name": "CVE-2021-47349",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47349"
},
{
"name": "CVE-2021-47519",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47519"
},
{
"name": "CVE-2021-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47561"
},
{
"name": "CVE-2021-47613",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47613"
},
{
"name": "CVE-2022-1247",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1247"
},
{
"name": "CVE-2022-20153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-20153"
},
{
"name": "CVE-2022-48641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48641"
},
{
"name": "CVE-2022-48643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48643"
},
{
"name": "CVE-2022-48707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48707"
},
{
"name": "CVE-2022-48719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48719"
},
{
"name": "CVE-2022-48781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48781"
},
{
"name": "CVE-2022-48819",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48819"
},
{
"name": "CVE-2022-48832",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48832"
},
{
"name": "CVE-2022-48848",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48848"
},
{
"name": "CVE-2022-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48876"
},
{
"name": "CVE-2022-48963",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48963"
},
{
"name": "CVE-2022-48974",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48974"
},
{
"name": "CVE-2022-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48976"
},
{
"name": "CVE-2022-48984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48984"
},
{
"name": "CVE-2022-48986",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48986"
},
{
"name": "CVE-2022-49013",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49013"
},
{
"name": "CVE-2022-49018",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49018"
},
{
"name": "CVE-2022-49048",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49048"
},
{
"name": "CVE-2022-49049",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49049"
},
{
"name": "CVE-2022-49052",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49052"
},
{
"name": "CVE-2022-49072",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49072"
},
{
"name": "CVE-2022-49077",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49077"
},
{
"name": "CVE-2022-49094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49094"
},
{
"name": "CVE-2022-49152",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49152"
},
{
"name": "CVE-2022-49198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49198"
},
{
"name": "CVE-2022-49229",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49229"
},
{
"name": "CVE-2022-49231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49231"
},
{
"name": "CVE-2022-49334",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49334"
},
{
"name": "CVE-2022-49340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49340"
},
{
"name": "CVE-2022-49374",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49374"
},
{
"name": "CVE-2022-49401",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49401"
},
{
"name": "CVE-2022-49403",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49403"
},
{
"name": "CVE-2022-49450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49450"
},
{
"name": "CVE-2022-49554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49554"
},
{
"name": "CVE-2022-49557",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49557"
},
{
"name": "CVE-2022-49567",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49567"
},
{
"name": "CVE-2022-49571",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49571"
},
{
"name": "CVE-2022-49572",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49572"
},
{
"name": "CVE-2022-49573",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49573"
},
{
"name": "CVE-2022-49574",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49574"
},
{
"name": "CVE-2022-49575",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49575"
},
{
"name": "CVE-2022-49577",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49577"
},
{
"name": "CVE-2022-49580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49580"
},
{
"name": "CVE-2022-49585",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49585"
},
{
"name": "CVE-2022-49586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49586"
},
{
"name": "CVE-2022-49587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49587"
},
{
"name": "CVE-2022-49593",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49593"
},
{
"name": "CVE-2022-49594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49594"
},
{
"name": "CVE-2022-49595",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49595"
},
{
"name": "CVE-2022-49596",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49596"
},
{
"name": "CVE-2022-49597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49597"
},
{
"name": "CVE-2022-49598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49598"
},
{
"name": "CVE-2022-49599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49599"
},
{
"name": "CVE-2022-49600",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49600"
},
{
"name": "CVE-2022-49601",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49601"
},
{
"name": "CVE-2022-49602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49602"
},
{
"name": "CVE-2022-49604",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49604"
},
{
"name": "CVE-2022-49612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49612"
},
{
"name": "CVE-2022-49629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49629"
},
{
"name": "CVE-2022-49633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49633"
},
{
"name": "CVE-2022-49637",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49637"
},
{
"name": "CVE-2022-49639",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49639"
},
{
"name": "CVE-2022-49659",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49659"
},
{
"name": "CVE-2022-49662",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49662"
},
{
"name": "CVE-2022-49691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49691"
},
{
"name": "CVE-2022-49744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49744"
},
{
"name": "CVE-2022-49747",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49747"
},
{
"name": "CVE-2022-49752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49752"
},
{
"name": "CVE-2022-49754",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49754"
},
{
"name": "CVE-2022-49760",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49760"
},
{
"name": "CVE-2023-31082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31082"
},
{
"name": "CVE-2023-52516",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52516"
},
{
"name": "CVE-2023-52568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52568"
},
{
"name": "CVE-2023-52570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52570"
},
{
"name": "CVE-2023-52689",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52689"
},
{
"name": "CVE-2023-52704",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52704"
},
{
"name": "CVE-2023-52706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52706"
},
{
"name": "CVE-2023-52828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52828"
},
{
"name": "CVE-2023-52902",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52902"
},
{
"name": "CVE-2023-52932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52932"
},
{
"name": "CVE-2023-52934",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52934"
},
{
"name": "CVE-2023-52940",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52940"
},
{
"name": "CVE-2023-52942",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52942"
},
{
"name": "CVE-2023-52977",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52977"
},
{
"name": "CVE-2023-52985",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52985"
},
{
"name": "CVE-2023-52987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52987"
},
{
"name": "CVE-2023-52991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52991"
},
{
"name": "CVE-2023-53004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53004"
},
{
"name": "CVE-2023-53017",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53017"
},
{
"name": "CVE-2024-23196",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23196"
},
{
"name": "CVE-2024-26678",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26678"
},
{
"name": "CVE-2024-26725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26725"
},
{
"name": "CVE-2024-26746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26746"
},
{
"name": "CVE-2024-26918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26918"
},
{
"name": "CVE-2024-27023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27023"
},
{
"name": "CVE-2024-40907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40907"
},
{
"name": "CVE-2024-43896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43896"
},
{
"name": "CVE-2024-46748",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46748"
},
{
"name": "CVE-2024-46862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46862"
},
{
"name": "CVE-2024-53073",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53073"
},
{
"name": "CVE-2024-53225",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53225"
},
{
"name": "CVE-2024-56668",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56668"
},
{
"name": "CVE-2024-57852",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57852"
},
{
"name": "CVE-2024-57914",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57914"
},
{
"name": "CVE-2024-57985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57985"
},
{
"name": "CVE-2024-57989",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57989"
},
{
"name": "CVE-2024-58064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58064"
},
{
"name": "CVE-2024-58075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58075"
},
{
"name": "CVE-2024-58084",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58084"
},
{
"name": "CVE-2025-21709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21709"
},
{
"name": "CVE-2025-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21807"
},
{
"name": "CVE-2025-21817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21817"
},
{
"name": "CVE-2025-21827",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21827"
},
{
"name": "CVE-2025-21851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21851"
},
{
"name": "CVE-2025-21874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21874"
},
{
"name": "CVE-2025-21907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21907"
},
{
"name": "CVE-2025-21921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21921"
},
{
"name": "CVE-2025-24357",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24357"
},
{
"name": "CVE-2025-25183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25183"
},
{
"name": "CVE-2025-29770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29770"
},
{
"name": "CVE-2025-30165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30165"
},
{
"name": "CVE-2025-30202",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30202"
},
{
"name": "CVE-2025-32381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32381"
},
{
"name": "CVE-2025-32444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32444"
},
{
"name": "CVE-2025-46570",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46570"
},
{
"name": "CVE-2025-47277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47277"
},
{
"name": "CVE-2025-48887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48887"
},
{
"name": "CVE-2025-48956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48956"
},
{
"name": "CVE-2025-57809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57809"
},
{
"name": "CVE-2025-62372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62372"
},
{
"name": "CVE-2025-62426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62426"
},
{
"name": "CVE-2025-65106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65106"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2022-48879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48879"
},
{
"name": "CVE-2022-48946",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48946"
},
{
"name": "CVE-2022-48951",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48951"
},
{
"name": "CVE-2022-48953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48953"
},
{
"name": "CVE-2022-48969",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48969"
},
{
"name": "CVE-2022-48971",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48971"
},
{
"name": "CVE-2022-48972",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48972"
},
{
"name": "CVE-2022-48978",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48978"
},
{
"name": "CVE-2022-48981",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48981"
},
{
"name": "CVE-2022-48985",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48985"
},
{
"name": "CVE-2022-48987",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48987"
},
{
"name": "CVE-2022-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48988"
},
{
"name": "CVE-2022-48992",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48992"
},
{
"name": "CVE-2022-48994",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48994"
},
{
"name": "CVE-2022-48997",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48997"
},
{
"name": "CVE-2022-49005",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49005"
},
{
"name": "CVE-2022-49006",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49006"
},
{
"name": "CVE-2022-49011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49011"
},
{
"name": "CVE-2022-49012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49012"
},
{
"name": "CVE-2022-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49014"
},
{
"name": "CVE-2022-49015",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49015"
},
{
"name": "CVE-2022-49017",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49017"
},
{
"name": "CVE-2022-49021",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49021"
},
{
"name": "CVE-2022-49022",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49022"
},
{
"name": "CVE-2022-49024",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49024"
},
{
"name": "CVE-2022-49027",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49027"
},
{
"name": "CVE-2022-49028",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49028"
},
{
"name": "CVE-2022-49029",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49029"
},
{
"name": "CVE-2024-44932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44932"
},
{
"name": "CVE-2024-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44964"
},
{
"name": "CVE-2024-46766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46766"
},
{
"name": "CVE-2024-46825",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46825"
},
{
"name": "CVE-2024-46864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46864"
},
{
"name": "CVE-2024-43869",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43869"
},
{
"name": "CVE-2024-47672",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47672"
},
{
"name": "CVE-2024-47675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47675"
},
{
"name": "CVE-2024-47682",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47682"
},
{
"name": "CVE-2024-47687",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47687"
},
{
"name": "CVE-2024-47696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47696"
},
{
"name": "CVE-2024-47702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47702"
},
{
"name": "CVE-2024-47715",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47715"
},
{
"name": "CVE-2024-47719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47719"
},
{
"name": "CVE-2024-47727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47727"
},
{
"name": "CVE-2024-49855",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49855"
},
{
"name": "CVE-2024-49862",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49862"
},
{
"name": "CVE-2024-49864",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49864"
},
{
"name": "CVE-2024-49866",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49866"
},
{
"name": "CVE-2024-49870",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49870"
},
{
"name": "CVE-2024-49886",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49886"
},
{
"name": "CVE-2024-49946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49946"
},
{
"name": "CVE-2024-49953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49953"
},
{
"name": "CVE-2024-50000",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50000"
},
{
"name": "CVE-2024-50019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50019"
},
{
"name": "CVE-2024-50020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50020"
},
{
"name": "CVE-2024-50021",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50021"
},
{
"name": "CVE-2024-50022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50022"
},
{
"name": "CVE-2024-50023",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50023"
},
{
"name": "CVE-2024-50027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50027"
},
{
"name": "CVE-2024-50041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50041"
},
{
"name": "CVE-2024-50042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50042"
},
{
"name": "CVE-2024-50060",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50060"
},
{
"name": "CVE-2024-50064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50064"
},
{
"name": "CVE-2024-50074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50074"
},
{
"name": "CVE-2024-50075",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50075"
},
{
"name": "CVE-2024-50076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50076"
},
{
"name": "CVE-2024-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50077"
},
{
"name": "CVE-2024-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50078"
},
{
"name": "CVE-2024-50081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50081"
},
{
"name": "CVE-2024-46824",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46824"
},
{
"name": "CVE-2024-50126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50126"
},
{
"name": "CVE-2024-50215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50215"
},
{
"name": "CVE-2024-50235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50235"
},
{
"name": "CVE-2024-50250",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50250"
},
{
"name": "CVE-2024-50252",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50252"
},
{
"name": "CVE-2024-50255",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50255"
},
{
"name": "CVE-2024-50259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50259"
},
{
"name": "CVE-2024-50261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50261"
},
{
"name": "CVE-2024-50271",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50271"
},
{
"name": "CVE-2024-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53042"
},
{
"name": "CVE-2024-53055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53055"
},
{
"name": "CVE-2024-53070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53070"
},
{
"name": "CVE-2024-53072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53072"
},
{
"name": "CVE-2024-53082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53082"
},
{
"name": "CVE-2024-50226",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50226"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-44994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44994"
},
{
"name": "CVE-2024-50110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50110"
},
{
"name": "CVE-2024-42317",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42317"
},
{
"name": "CVE-2024-43820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43820"
},
{
"name": "CVE-2024-43888",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43888"
},
{
"name": "CVE-2024-43910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43910"
},
{
"name": "CVE-2024-44975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44975"
},
{
"name": "CVE-2024-44996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44996"
},
{
"name": "CVE-2024-45027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45027"
},
{
"name": "CVE-2024-46697",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46697"
},
{
"name": "CVE-2024-46698",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46698"
},
{
"name": "CVE-2024-46788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46788"
},
{
"name": "CVE-2024-46793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46793"
},
{
"name": "CVE-2024-46845",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46845"
},
{
"name": "CVE-2024-47734",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47734"
},
{
"name": "CVE-2024-49856",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49856"
},
{
"name": "CVE-2024-49977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49977"
},
{
"name": "CVE-2024-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50093"
},
{
"name": "CVE-2024-50186",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50186"
},
{
"name": "CVE-2024-50189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50189"
},
{
"name": "CVE-2022-48982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48982"
},
{
"name": "CVE-2022-48983",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48983"
},
{
"name": "CVE-2022-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48989"
},
{
"name": "CVE-2023-52778",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52778"
},
{
"name": "CVE-2024-49976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49976"
},
{
"name": "CVE-2024-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50101"
},
{
"name": "CVE-2024-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50102"
},
{
"name": "CVE-2024-50121",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50121"
},
{
"name": "CVE-2024-50124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50124"
},
{
"name": "CVE-2024-50125",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50125"
},
{
"name": "CVE-2024-50128",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50128"
},
{
"name": "CVE-2024-50136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50136"
},
{
"name": "CVE-2024-50139",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50139"
},
{
"name": "CVE-2024-50141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50141"
},
{
"name": "CVE-2024-50145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50145"
},
{
"name": "CVE-2024-50146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50146"
},
{
"name": "CVE-2024-50147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50147"
},
{
"name": "CVE-2024-50153",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50153"
},
{
"name": "CVE-2024-50155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50155"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2024-50158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50158"
},
{
"name": "CVE-2024-50160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50160"
},
{
"name": "CVE-2024-50169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50169"
},
{
"name": "CVE-2024-50172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50172"
},
{
"name": "CVE-2024-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50182"
},
{
"name": "CVE-2024-50200",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50200"
},
{
"name": "CVE-2024-50216",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50216"
},
{
"name": "CVE-2024-50274",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50274"
},
{
"name": "CVE-2024-50275",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50275"
},
{
"name": "CVE-2024-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53045"
},
{
"name": "CVE-2024-53048",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53048"
},
{
"name": "CVE-2024-53074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53074"
},
{
"name": "CVE-2024-53085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53085"
},
{
"name": "CVE-2024-53110",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53110"
},
{
"name": "CVE-2024-50162",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50162"
},
{
"name": "CVE-2024-50163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50163"
},
{
"name": "CVE-2024-53097",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53097"
},
{
"name": "CVE-2024-53113",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53113"
},
{
"name": "CVE-2024-53120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53120"
},
{
"name": "CVE-2024-53123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53123"
},
{
"name": "CVE-2024-53136",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53136"
},
{
"name": "CVE-2024-53064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53064"
},
{
"name": "CVE-2024-53105",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53105"
},
{
"name": "CVE-2024-53117",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53117"
},
{
"name": "CVE-2024-53118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53118"
},
{
"name": "CVE-2024-53134",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53134"
},
{
"name": "CVE-2024-53151",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53151"
},
{
"name": "CVE-2024-53160",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53160"
},
{
"name": "CVE-2024-53166",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53166"
},
{
"name": "CVE-2024-53169",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53169"
},
{
"name": "CVE-2024-53202",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53202"
},
{
"name": "CVE-2024-53206",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53206"
},
{
"name": "CVE-2024-53207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53207"
},
{
"name": "CVE-2024-53208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53208"
},
{
"name": "CVE-2024-53213",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53213"
},
{
"name": "CVE-2024-53215",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53215"
},
{
"name": "CVE-2024-53222",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53222"
},
{
"name": "CVE-2024-53229",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53229"
},
{
"name": "CVE-2024-56549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56549"
},
{
"name": "CVE-2024-56667",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56667"
},
{
"name": "CVE-2024-56752",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56752"
},
{
"name": "CVE-2024-48873",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48873"
},
{
"name": "CVE-2024-49951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49951"
},
{
"name": "CVE-2024-53091",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53091"
},
{
"name": "CVE-2024-53170",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53170"
},
{
"name": "CVE-2024-53175",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53175"
},
{
"name": "CVE-2024-53185",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53185"
},
{
"name": "CVE-2024-53230",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53230"
},
{
"name": "CVE-2024-53231",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53231"
},
{
"name": "CVE-2024-53232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53232"
},
{
"name": "CVE-2024-53236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53236"
},
{
"name": "CVE-2024-55881",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55881"
},
{
"name": "CVE-2024-56372",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56372"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2024-53238",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53238"
},
{
"name": "CVE-2024-56617",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56617"
},
{
"name": "CVE-2024-56625",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56625"
},
{
"name": "CVE-2024-56632",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56632"
},
{
"name": "CVE-2024-56654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56654"
},
{
"name": "CVE-2024-56663",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56663"
},
{
"name": "CVE-2024-56675",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56675"
},
{
"name": "CVE-2024-56708",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56708"
},
{
"name": "CVE-2024-56709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56709"
},
{
"name": "CVE-2024-56729",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56729"
},
{
"name": "CVE-2024-56745",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56745"
},
{
"name": "CVE-2024-56760",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56760"
},
{
"name": "CVE-2024-56765",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56765"
},
{
"name": "CVE-2024-57793",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57793"
},
{
"name": "CVE-2024-57804",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57804"
},
{
"name": "CVE-2024-57932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57932"
},
{
"name": "CVE-2024-57933",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57933"
},
{
"name": "CVE-2024-57936",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57936"
},
{
"name": "CVE-2025-21645",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21645"
},
{
"name": "CVE-2025-21649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21649"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2024-46820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46820"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2024-53047",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53047"
},
{
"name": "CVE-2024-56679",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56679"
},
{
"name": "CVE-2024-56707",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56707"
},
{
"name": "CVE-2024-56725",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56725"
},
{
"name": "CVE-2024-56726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56726"
},
{
"name": "CVE-2024-56727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56727"
},
{
"name": "CVE-2024-57882",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57882"
},
{
"name": "CVE-2024-57917",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57917"
},
{
"name": "CVE-2025-21663",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21663"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2024-50164",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50164"
},
{
"name": "CVE-2025-21647",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21647"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-21671",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21671"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2021-47222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47222"
},
{
"name": "CVE-2021-47223",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47223"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2024-47700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47700"
},
{
"name": "CVE-2024-49880",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49880"
},
{
"name": "CVE-2024-49885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49885"
},
{
"name": "CVE-2024-49999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49999"
},
{
"name": "CVE-2024-50029",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50029"
},
{
"name": "CVE-2024-50107",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50107"
},
{
"name": "CVE-2024-50109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50109"
},
{
"name": "CVE-2024-50114",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50114"
},
{
"name": "CVE-2024-50120",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50120"
},
{
"name": "CVE-2024-50152",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50152"
},
{
"name": "CVE-2024-50165",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50165"
},
{
"name": "CVE-2024-50197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50197"
},
{
"name": "CVE-2024-50207",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50207"
},
{
"name": "CVE-2024-50223",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50223"
},
{
"name": "CVE-2024-50294",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50294"
},
{
"name": "CVE-2024-50303",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50303"
},
{
"name": "CVE-2024-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53044"
},
{
"name": "CVE-2024-53109",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53109"
},
{
"name": "CVE-2024-53167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53167"
},
{
"name": "CVE-2024-53176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53176"
},
{
"name": "CVE-2024-53178",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53178"
},
{
"name": "CVE-2024-53189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53189"
},
{
"name": "CVE-2024-56535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56535"
},
{
"name": "CVE-2024-56545",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56545"
},
{
"name": "CVE-2024-56696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56696"
},
{
"name": "CVE-2024-56702",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56702"
},
{
"name": "CVE-2024-56742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56742"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2024-56783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56783"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2022-49080",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49080"
},
{
"name": "CVE-2022-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49089"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2021-47648",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47648"
},
{
"name": "CVE-2021-47649",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47649"
},
{
"name": "CVE-2021-47650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47650"
},
{
"name": "CVE-2021-47659",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47659"
},
{
"name": "CVE-2022-49058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49058"
},
{
"name": "CVE-2022-49061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49061"
},
{
"name": "CVE-2022-49065",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49065"
},
{
"name": "CVE-2022-49066",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49066"
},
{
"name": "CVE-2022-49074",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49074"
},
{
"name": "CVE-2022-49086",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49086"
},
{
"name": "CVE-2022-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49090"
},
{
"name": "CVE-2022-49092",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49092"
},
{
"name": "CVE-2022-49097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49097"
},
{
"name": "CVE-2022-49100",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49100"
},
{
"name": "CVE-2022-49103",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49103"
},
{
"name": "CVE-2022-49107",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49107"
},
{
"name": "CVE-2022-49118",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49118"
},
{
"name": "CVE-2022-49122",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49122"
},
{
"name": "CVE-2022-49130",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49130"
},
{
"name": "CVE-2022-49145",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49145"
},
{
"name": "CVE-2022-49147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49147"
},
{
"name": "CVE-2022-49148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49148"
},
{
"name": "CVE-2022-49153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49153"
},
{
"name": "CVE-2022-49154",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49154"
},
{
"name": "CVE-2022-49155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49155"
},
{
"name": "CVE-2022-49156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49156"
},
{
"name": "CVE-2022-49159",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49159"
},
{
"name": "CVE-2022-49174",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49174"
},
{
"name": "CVE-2022-49175",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49175"
},
{
"name": "CVE-2022-49180",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49180"
},
{
"name": "CVE-2022-49187",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49187"
},
{
"name": "CVE-2022-49188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49188"
},
{
"name": "CVE-2022-49206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49206"
},
{
"name": "CVE-2022-49208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49208"
},
{
"name": "CVE-2022-49216",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49216"
},
{
"name": "CVE-2022-49227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49227"
},
{
"name": "CVE-2022-49257",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49257"
},
{
"name": "CVE-2022-49259",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49259"
},
{
"name": "CVE-2022-49262",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49262"
},
{
"name": "CVE-2022-49263",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49263"
},
{
"name": "CVE-2022-49264",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49264"
},
{
"name": "CVE-2022-49266",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49266"
},
{
"name": "CVE-2022-49268",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49268"
},
{
"name": "CVE-2022-49269",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49269"
},
{
"name": "CVE-2022-49272",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49272"
},
{
"name": "CVE-2022-49273",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49273"
},
{
"name": "CVE-2022-49279",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49279"
},
{
"name": "CVE-2022-49286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49286"
},
{
"name": "CVE-2022-49290",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49290"
},
{
"name": "CVE-2022-49297",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49297"
},
{
"name": "CVE-2022-49307",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49307"
},
{
"name": "CVE-2022-49308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49308"
},
{
"name": "CVE-2022-49321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49321"
},
{
"name": "CVE-2022-49322",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49322"
},
{
"name": "CVE-2022-49323",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49323"
},
{
"name": "CVE-2022-49339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49339"
},
{
"name": "CVE-2022-49341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49341"
},
{
"name": "CVE-2022-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49343"
},
{
"name": "CVE-2022-49345",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49345"
},
{
"name": "CVE-2022-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49350"
},
{
"name": "CVE-2022-49352",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49352"
},
{
"name": "CVE-2022-49356",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49356"
},
{
"name": "CVE-2022-49357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49357"
},
{
"name": "CVE-2022-49376",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49376"
},
{
"name": "CVE-2022-49378",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49378"
},
{
"name": "CVE-2022-49379",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49379"
},
{
"name": "CVE-2022-49384",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49384"
},
{
"name": "CVE-2022-49394",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49394"
},
{
"name": "CVE-2022-49400",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49400"
},
{
"name": "CVE-2022-49402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49402"
},
{
"name": "CVE-2022-49404",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49404"
},
{
"name": "CVE-2022-49407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49407"
},
{
"name": "CVE-2022-49409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49409"
},
{
"name": "CVE-2022-49422",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49422"
},
{
"name": "CVE-2022-49432",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49432"
},
{
"name": "CVE-2022-49433",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49433"
},
{
"name": "CVE-2022-49434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49434"
},
{
"name": "CVE-2022-49441",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49441"
},
{
"name": "CVE-2022-49447",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49447"
},
{
"name": "CVE-2022-49455",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49455"
},
{
"name": "CVE-2022-49468",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49468"
},
{
"name": "CVE-2022-49472",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49472"
},
{
"name": "CVE-2022-49475",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49475"
},
{
"name": "CVE-2022-49481",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49481"
},
{
"name": "CVE-2022-49486",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49486"
},
{
"name": "CVE-2022-49492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49492"
},
{
"name": "CVE-2022-49498",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49498"
},
{
"name": "CVE-2022-49503",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49503"
},
{
"name": "CVE-2022-49508",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49508"
},
{
"name": "CVE-2022-49515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49515"
},
{
"name": "CVE-2022-49519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49519"
},
{
"name": "CVE-2022-49520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49520"
},
{
"name": "CVE-2022-49521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49521"
},
{
"name": "CVE-2022-49523",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49523"
},
{
"name": "CVE-2022-49526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49526"
},
{
"name": "CVE-2022-49532",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49532"
},
{
"name": "CVE-2022-49545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49545"
},
{
"name": "CVE-2022-49559",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49559"
},
{
"name": "CVE-2022-49581",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49581"
},
{
"name": "CVE-2022-49583",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49583"
},
{
"name": "CVE-2022-49584",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49584"
},
{
"name": "CVE-2022-49592",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49592"
},
{
"name": "CVE-2022-49603",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49603"
},
{
"name": "CVE-2022-49605",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49605"
},
{
"name": "CVE-2022-49606",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49606"
},
{
"name": "CVE-2022-49607",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49607"
},
{
"name": "CVE-2022-49611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49611"
},
{
"name": "CVE-2022-49613",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49613"
},
{
"name": "CVE-2022-49625",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49625"
},
{
"name": "CVE-2022-49627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49627"
},
{
"name": "CVE-2022-49631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49631"
},
{
"name": "CVE-2022-49634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49634"
},
{
"name": "CVE-2022-49640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49640"
},
{
"name": "CVE-2022-49641",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49641"
},
{
"name": "CVE-2022-49642",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49642"
},
{
"name": "CVE-2022-49643",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49643"
},
{
"name": "CVE-2022-49646",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49646"
},
{
"name": "CVE-2022-49648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49648"
},
{
"name": "CVE-2022-49653",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49653"
},
{
"name": "CVE-2022-49656",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49656"
},
{
"name": "CVE-2022-49657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49657"
},
{
"name": "CVE-2022-49663",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49663"
},
{
"name": "CVE-2022-49670",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49670"
},
{
"name": "CVE-2022-49671",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49671"
},
{
"name": "CVE-2022-49672",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49672"
},
{
"name": "CVE-2022-49673",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49673"
},
{
"name": "CVE-2022-49674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49674"
},
{
"name": "CVE-2022-49675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49675"
},
{
"name": "CVE-2022-49679",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49679"
},
{
"name": "CVE-2022-49688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49688"
},
{
"name": "CVE-2022-49699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49699"
},
{
"name": "CVE-2022-49707",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49707"
},
{
"name": "CVE-2022-49708",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49708"
},
{
"name": "CVE-2022-49710",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49710"
},
{
"name": "CVE-2022-49716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49716"
},
{
"name": "CVE-2022-49721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49721"
},
{
"name": "CVE-2022-49723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49723"
},
{
"name": "CVE-2022-49726",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49726"
},
{
"name": "CVE-2022-49731",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49731"
},
{
"name": "CVE-2024-48876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48876"
},
{
"name": "CVE-2024-53681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53681"
},
{
"name": "CVE-2024-54460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54460"
},
{
"name": "CVE-2024-55642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55642"
},
{
"name": "CVE-2024-56613",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56613"
},
{
"name": "CVE-2024-56624",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56624"
},
{
"name": "CVE-2024-56638",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56638"
},
{
"name": "CVE-2024-56653",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56653"
},
{
"name": "CVE-2024-56657",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56657"
},
{
"name": "CVE-2024-56669",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56669"
},
{
"name": "CVE-2024-56710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56710"
},
{
"name": "CVE-2024-56714",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56714"
},
{
"name": "CVE-2024-56772",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56772"
},
{
"name": "CVE-2024-56773",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56773"
},
{
"name": "CVE-2024-57878",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57878"
},
{
"name": "CVE-2024-57879",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57879"
},
{
"name": "CVE-2024-57885",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57885"
},
{
"name": "CVE-2025-21644",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21644"
},
{
"name": "CVE-2025-21659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21659"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2024-58009",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58009"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2022-49057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49057"
},
{
"name": "CVE-2022-49062",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49062"
},
{
"name": "CVE-2022-49064",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49064"
},
{
"name": "CVE-2022-49070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49070"
},
{
"name": "CVE-2022-49139",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49139"
},
{
"name": "CVE-2022-49204",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49204"
},
{
"name": "CVE-2022-49205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49205"
},
{
"name": "CVE-2022-49207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49207"
},
{
"name": "CVE-2022-49209",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49209"
},
{
"name": "CVE-2022-49225",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49225"
},
{
"name": "CVE-2022-49228",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49228"
},
{
"name": "CVE-2022-49237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49237"
},
{
"name": "CVE-2022-49330",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49330"
},
{
"name": "CVE-2022-49353",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49353"
},
{
"name": "CVE-2022-49406",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49406"
},
{
"name": "CVE-2022-49436",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49436"
},
{
"name": "CVE-2022-49446",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49446"
},
{
"name": "CVE-2022-49476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49476"
},
{
"name": "CVE-2022-49511",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49511"
},
{
"name": "CVE-2022-49518",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49518"
},
{
"name": "CVE-2022-49538",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49538"
},
{
"name": "CVE-2022-49548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49548"
},
{
"name": "CVE-2022-49552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49552"
},
{
"name": "CVE-2022-49560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49560"
},
{
"name": "CVE-2022-49565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49565"
},
{
"name": "CVE-2022-49624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49624"
},
{
"name": "CVE-2022-49638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49638"
},
{
"name": "CVE-2022-49655",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49655"
},
{
"name": "CVE-2022-49658",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49658"
},
{
"name": "CVE-2022-49697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49697"
},
{
"name": "CVE-2022-49732",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49732"
},
{
"name": "CVE-2022-49739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49739"
},
{
"name": "CVE-2022-49746",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49746"
},
{
"name": "CVE-2022-49759",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49759"
},
{
"name": "CVE-2023-52933",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52933"
},
{
"name": "CVE-2023-52941",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52941"
},
{
"name": "CVE-2023-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52976"
},
{
"name": "CVE-2023-52984",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52984"
},
{
"name": "CVE-2023-52992",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52992"
},
{
"name": "CVE-2023-52993",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52993"
},
{
"name": "CVE-2023-53006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53006"
},
{
"name": "CVE-2023-53007",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53007"
},
{
"name": "CVE-2023-53015",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53015"
},
{
"name": "CVE-2023-53016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53016"
},
{
"name": "CVE-2023-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53019"
},
{
"name": "CVE-2023-53026",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53026"
},
{
"name": "CVE-2023-53029",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53029"
},
{
"name": "CVE-2023-53030",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53030"
},
{
"name": "CVE-2023-53033",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53033"
},
{
"name": "CVE-2024-46736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46736"
},
{
"name": "CVE-2024-46796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46796"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2025-21876",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21876"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2025-21886",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21886"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2025-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21938"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2022-49220",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49220"
},
{
"name": "CVE-2022-49372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49372"
},
{
"name": "CVE-2022-49578",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49578"
},
{
"name": "CVE-2022-49589",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49589"
},
{
"name": "CVE-2022-49620",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49620"
},
{
"name": "CVE-2023-52997",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52997"
},
{
"name": "CVE-2023-53031",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53031"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2025-21953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21953"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2022-49171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49171"
},
{
"name": "CVE-2022-49197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49197"
},
{
"name": "CVE-2022-49561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49561"
},
{
"name": "CVE-2022-49590",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49590"
},
{
"name": "CVE-2023-52928",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52928"
},
{
"name": "CVE-2023-52937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52937"
},
{
"name": "CVE-2023-52938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52938"
},
{
"name": "CVE-2023-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52981"
},
{
"name": "CVE-2023-52982",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52982"
},
{
"name": "CVE-2023-52986",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52986"
},
{
"name": "CVE-2023-53009",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53009"
},
{
"name": "CVE-2023-53032",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53032"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2025-21884",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21884"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-21906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21906"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2025-29088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29088"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58074",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58074"
},
{
"name": "CVE-2025-21974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21974"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-49636",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49636"
},
{
"name": "CVE-2025-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21939"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2024-57987",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57987"
},
{
"name": "CVE-2024-57988",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57988"
},
{
"name": "CVE-2024-57995",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57995"
},
{
"name": "CVE-2024-58015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58015"
},
{
"name": "CVE-2024-58062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58062"
},
{
"name": "CVE-2025-21713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21713"
},
{
"name": "CVE-2025-21770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21770"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2021-47316",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47316"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
}
],
"initial_release_date": "2025-12-02T00:00:00",
"last_revision_date": "2025-12-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1057",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36560",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36560"
},
{
"published_at": "2025-12-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36564",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36564"
}
]
}
CERTFR-2025-AVI-1131
Vulnerability from certfr_avis - Published: 2025-12-19 - Updated: 2025-12-19
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 Warehouse | Db2 Warehouse on Cloud Pak for Data versions antérieures à 5.3.0 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.0 versions antérieures à 7.5.0 UP14 IF03 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.0.x antérieures à 6.3.0.16 | ||
| IBM | QRadar | QRadar Suite Software versions 1.11.x antérieures à 1.11.8.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.4.0.x antérieures à 6.4.0.5 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x antérieures à 6.2.4.5 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x antérieures à 6.2.3.5 | ||
| IBM | Db2 | Db2 on Cloud Pak for Data versions antérieures à 5.3.0 | ||
| IBM | Cognos Dashboards | Cognos Dashboards on Cloud Pak for Data versions 5.x antérieures à 5.3 | ||
| IBM | Db2 | Db2 Intelligence Center versions 1.1.x antérieures à 1.1.3.0 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x antérieures à 6.2.4.2 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x antérieures à 6.2.3.5 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Db2 Warehouse on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.0",
"product": {
"name": "Db2 Warehouse",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.0 versions ant\u00e9rieures \u00e0 7.5.0 UP14 IF03",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.16",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.11.x ant\u00e9rieures \u00e0 1.11.8.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.4.0.x ant\u00e9rieures \u00e0 6.4.0.5",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.5 ",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.5 ",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.3.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions 5.x ant\u00e9rieures \u00e0 5.3",
"product": {
"name": "Cognos Dashboards",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Intelligence Center versions 1.1.x ant\u00e9rieures \u00e0 1.1.3.0",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.4.x ant\u00e9rieures \u00e0 6.2.4.2",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.3.x ant\u00e9rieures \u00e0 6.2.3.5",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2025-2534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2534"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2025-4447",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4447"
},
{
"name": "CVE-2024-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38286"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2021-26272",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26272"
},
{
"name": "CVE-2025-41234",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41234"
},
{
"name": "CVE-2025-39761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39761"
},
{
"name": "CVE-2024-49350",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49350"
},
{
"name": "CVE-2025-39883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39883"
},
{
"name": "CVE-2025-36131",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36131"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2025-30065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30065"
},
{
"name": "CVE-2024-47118",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47118"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2021-47621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-47621"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2025-61912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61912"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-55198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55198"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2022-25927",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25927"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2025-1992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1992"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-36136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36136"
},
{
"name": "CVE-2025-38724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38724"
},
{
"name": "CVE-2020-9493",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9493"
},
{
"name": "CVE-2025-36008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36008"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-39718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39718"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2024-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23454"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-36006",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36006"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2025-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36186"
},
{
"name": "CVE-2025-55182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55182"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2025-6493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6493"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-33012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33012"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2025-5187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5187"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-41235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41235"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2023-53539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53539"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2025-39955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39955"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-2518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2518"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2024-38827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38827"
},
{
"name": "CVE-2025-38292",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38292"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-55199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55199"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"name": "CVE-2025-59250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59250"
},
{
"name": "CVE-2025-1493",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1493"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2025-3050",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3050"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-1767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1767"
},
{
"name": "CVE-2021-26271",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26271"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2024-38821",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38821"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-39825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39825"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2023-53401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53401"
},
{
"name": "CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2025-0915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0915"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2025-38351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38351"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2024-52903",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52903"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-46653",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46653"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-2900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
},
{
"name": "CVE-2025-0426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0426"
},
{
"name": "CVE-2020-9281",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9281"
},
{
"name": "CVE-2024-50301",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50301"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-1000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1000"
},
{
"name": "CVE-2022-3697",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3697"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-53513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53513"
},
{
"name": "CVE-2025-33134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33134"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2023-39804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39804"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2022-50543",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-50543"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-61911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61911"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2025-14687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14687"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-47287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47287"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-57699",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57699"
},
{
"name": "CVE-2025-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36185"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1131",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7252732",
"url": "https://www.ibm.com/support/pages/node/7252732"
},
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254815",
"url": "https://www.ibm.com/support/pages/node/7254815"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255060",
"url": "https://www.ibm.com/support/pages/node/7255060"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255154",
"url": "https://www.ibm.com/support/pages/node/7255154"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255095",
"url": "https://www.ibm.com/support/pages/node/7255095"
},
{
"published_at": "2025-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254849",
"url": "https://www.ibm.com/support/pages/node/7254849"
},
{
"published_at": "2025-12-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7254850",
"url": "https://www.ibm.com/support/pages/node/7254850"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255160",
"url": "https://www.ibm.com/support/pages/node/7255160"
},
{
"published_at": "2025-12-17",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7255065",
"url": "https://www.ibm.com/support/pages/node/7255065"
}
]
}
CERTFR-2025-AVI-1114
Vulnerability from certfr_avis - Published: 2025-12-16 - Updated: 2025-12-16
De multiples vulnérabilités ont été découvertes dans Tenable Nessus. Elles permettent à un attaquant de provoquer un déni de service à distance et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Nessus versions 10.11.x ant\u00e9rieures \u00e0 10.11.1",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
},
{
"description": "Nessus versions 10.9.x ant\u00e9rieures \u00e0 10.9.6",
"product": {
"name": "Nessus",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
}
],
"initial_release_date": "2025-12-16T00:00:00",
"last_revision_date": "2025-12-16T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1114",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable Nessus. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable Nessus",
"vendor_advisories": [
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2025-24",
"url": "https://www.tenable.com/security/tns-2025-24"
}
]
}
CERTFR-2025-AVI-0969
Vulnerability from certfr_avis - Published: 2025-11-06 - Updated: 2025-11-06
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| VMware | Tanzu Kubernetes Runtime | GenAI sur Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.5 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.90.x | ||
| VMware | Tanzu Kubernetes Runtime | NodeJS Buildpack versions antérieures à 1.8.58 | ||
| VMware | Tanzu Kubernetes Runtime | Python Buildpack versions antérieures à 1.8.63 | ||
| VMware | Tanzu Kubernetes Runtime | VMware Tanzu pour MySQL sur Tanzu Platform versions antérieures à 10.1.0 | ||
| VMware | Tanzu Kubernetes Runtime | API Gateway pour VMware Tanzu Platform versions antérieures à 2.4.0 | ||
| VMware | Tanzu Kubernetes Runtime | PHP Buildpack versions antérieures à 4.6.49 | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Platform versions antérieures à 1.16.14 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.915.x | ||
| VMware | Tanzu Application Service | CredHub Service Broker versions antérieures à 1.6.6 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy FIPS) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions antérieures à 10.2.4+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.915.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry Windows versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Single Sign-On pour VMware Tanzu Application Service versions antérieures à 1.16.13 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.943.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 6.0.20+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.77.x | ||
| VMware | Services Suite | Platform Automation Toolkit versions antérieures à 5.3.2 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy Azure Light) versions antérieures à 1.906.x | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Data Flow pour VMware Tanzu versions antérieures à 1.14.9 | ||
| VMware | Tanzu Kubernetes Runtime | App Autoscaler CLI Plugin pour VMware Tanzu Platform versions antérieures à 250.5.9 | ||
| VMware | Tanzu Kubernetes Runtime | Spring Cloud Services pour VMware Tanzu versions antérieures à 3.3.10 | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Concourse pour VMware Tanzu versions antérieures à 7.14.1+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Platform pour Cloud Foundry isolation segment versions antérieures à 10.2.3+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Platform Services pour VMware Tanzu Platform versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Ruby Buildpack versions antérieures à 1.10.46 | ||
| VMware | Tanzu Kubernetes Runtime | Elastic Application Runtime pour VMware Tanzu Platform versions antérieures à 6.0.21+LTS-T | ||
| VMware | Tanzu Kubernetes Runtime | Telemetry pour VMware Tanzu Platform versions antérieures à 2.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Noble) versions antérieures à 1.103.x | ||
| VMware | Tanzu Kubernetes Runtime | Tanzu Hub versions antérieures à 10.3.0 | ||
| VMware | Tanzu Kubernetes Runtime | Stemcells (Ubuntu Jammy) versions antérieures à 1.906.x |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "GenAI sur Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.5",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.90.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.58",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Python Buildpack versions ant\u00e9rieures \u00e0 1.8.63",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Tanzu pour MySQL sur Tanzu Platform versions ant\u00e9rieures \u00e0 10.1.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "API Gateway pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "PHP Buildpack versions ant\u00e9rieures \u00e0 4.6.49",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 1.16.14",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "CredHub Service Broker versions ant\u00e9rieures \u00e0 1.6.6",
"product": {
"name": "Tanzu Application Service",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy FIPS) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime Windows add-on pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.4+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.915.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry Windows versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Single Sign-On pour VMware Tanzu Application Service versions ant\u00e9rieures \u00e0 1.16.13",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.943.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 6.0.20+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.77.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.3.2",
"product": {
"name": "Services Suite",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy Azure Light) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Data Flow pour VMware Tanzu versions ant\u00e9rieures \u00e0 1.14.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "App Autoscaler CLI Plugin pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 250.5.9",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Spring Cloud Services pour VMware Tanzu versions ant\u00e9rieures \u00e0 3.3.10",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Concourse pour VMware Tanzu versions ant\u00e9rieures \u00e0 7.14.1+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Platform pour Cloud Foundry isolation segment versions ant\u00e9rieures \u00e0 10.2.3+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Services pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Ruby Buildpack versions ant\u00e9rieures \u00e0 1.10.46",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Elastic Application Runtime pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 6.0.21+LTS-T",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Noble) versions ant\u00e9rieures \u00e0 1.103.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Hub versions ant\u00e9rieures \u00e0 10.3.0",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Stemcells (Ubuntu Jammy) versions ant\u00e9rieures \u00e0 1.906.x",
"product": {
"name": "Tanzu Kubernetes Runtime",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2019-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25013"
},
{
"name": "CVE-2017-9937",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9937"
},
{
"name": "CVE-2025-6395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6395"
},
{
"name": "CVE-2022-1343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1343"
},
{
"name": "CVE-2013-4235",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4235"
},
{
"name": "CVE-2024-37370",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37370"
},
{
"name": "CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"name": "CVE-2024-57981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57981"
},
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2017-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3613"
},
{
"name": "CVE-2025-30681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30681"
},
{
"name": "CVE-2022-25308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25308"
},
{
"name": "CVE-2021-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3996"
},
{
"name": "CVE-2024-38807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38807"
},
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2023-27102",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27102"
},
{
"name": "CVE-2022-43236",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43236"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2005-0602",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-0602"
},
{
"name": "CVE-2017-6834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6834"
},
{
"name": "CVE-2025-22003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22003"
},
{
"name": "CVE-2022-1473",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1473"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-3428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3428"
},
{
"name": "CVE-2021-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3933"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-43237",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43237"
},
{
"name": "CVE-2021-23215",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23215"
},
{
"name": "CVE-2022-1115",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1115"
},
{
"name": "CVE-2024-57994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57994"
},
{
"name": "CVE-2025-21798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21798"
},
{
"name": "CVE-2025-3264",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3264"
},
{
"name": "CVE-2015-4789",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4789"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2023-40217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40217"
},
{
"name": "CVE-2020-14621",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14621"
},
{
"name": "CVE-2025-26465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26465"
},
{
"name": "CVE-2025-21975",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21975"
},
{
"name": "CVE-2025-21980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21980"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2025-21889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21889"
},
{
"name": "CVE-2025-21861",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21861"
},
{
"name": "CVE-2025-38328",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38328"
},
{
"name": "CVE-2025-31115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31115"
},
{
"name": "CVE-2021-33294",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33294"
},
{
"name": "CVE-2023-3195",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3195"
},
{
"name": "CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2021-20243",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20243"
},
{
"name": "CVE-2023-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3316"
},
{
"name": "CVE-2023-1175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1175"
},
{
"name": "CVE-2024-57948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57948"
},
{
"name": "CVE-2025-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21937"
},
{
"name": "CVE-2014-9157",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9157"
},
{
"name": "CVE-2020-2803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2803"
},
{
"name": "CVE-2020-14803",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14803"
},
{
"name": "CVE-2024-58088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58088"
},
{
"name": "CVE-2024-21235",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21235"
},
{
"name": "CVE-2025-53042",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53042"
},
{
"name": "CVE-2024-9681",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9681"
},
{
"name": "CVE-2021-37600",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37600"
},
{
"name": "CVE-2025-21689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21689"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2011-3374",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3374"
},
{
"name": "CVE-2025-30689",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30689"
},
{
"name": "CVE-2024-11168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11168"
},
{
"name": "CVE-2021-26260",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26260"
},
{
"name": "CVE-2023-0922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0922"
},
{
"name": "CVE-2025-38100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38100"
},
{
"name": "CVE-2017-18250",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18250"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-1372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1372"
},
{
"name": "CVE-2025-40002",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40002"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2025-8851",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8851"
},
{
"name": "CVE-2024-58010",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58010"
},
{
"name": "CVE-2025-38043",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38043"
},
{
"name": "CVE-2025-21697",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21697"
},
{
"name": "CVE-2025-30715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30715"
},
{
"name": "CVE-2024-57973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57973"
},
{
"name": "CVE-2022-24407",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24407"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-46908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46908"
},
{
"name": "CVE-2022-3626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3626"
},
{
"name": "CVE-2024-28834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28834"
},
{
"name": "CVE-2021-38604",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38604"
},
{
"name": "CVE-2001-1268",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1268"
},
{
"name": "CVE-2022-2874",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2874"
},
{
"name": "CVE-2025-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22017"
},
{
"name": "CVE-2025-38108",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38108"
},
{
"name": "CVE-2025-21783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21783"
},
{
"name": "CVE-2025-38229",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38229"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2021-3733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3733"
},
{
"name": "CVE-2025-9714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9714"
},
{
"name": "CVE-2025-21786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21786"
},
{
"name": "CVE-2024-11187",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11187"
},
{
"name": "CVE-2020-27769",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27769"
},
{
"name": "CVE-2025-30682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30682"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2014-9748",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9748"
},
{
"name": "CVE-2025-25186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25186"
},
{
"name": "CVE-2014-8141",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8141"
},
{
"name": "CVE-2022-1623",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1623"
},
{
"name": "CVE-2025-21881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21881"
},
{
"name": "CVE-2025-21951",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21951"
},
{
"name": "CVE-2024-38829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38829"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2017-6831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6831"
},
{
"name": "CVE-2024-58034",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58034"
},
{
"name": "CVE-2025-25724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25724"
},
{
"name": "CVE-2025-27818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27818"
},
{
"name": "CVE-2021-3997",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3997"
},
{
"name": "CVE-2025-50102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50102"
},
{
"name": "CVE-2023-38471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38471"
},
{
"name": "CVE-2022-0158",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0158"
},
{
"name": "CVE-2020-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27776"
},
{
"name": "CVE-2025-5222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5222"
},
{
"name": "CVE-2025-21743",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21743"
},
{
"name": "CVE-2025-38147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38147"
},
{
"name": "CVE-2023-6780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6780"
},
{
"name": "CVE-2023-34475",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34475"
},
{
"name": "CVE-2024-26896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26896"
},
{
"name": "CVE-2025-38286",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38286"
},
{
"name": "CVE-2025-55248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55248"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2025-53643",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53643"
},
{
"name": "CVE-2022-0696",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0696"
},
{
"name": "CVE-2025-27516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27516"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-3220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3220"
},
{
"name": "CVE-2022-3599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3599"
},
{
"name": "CVE-2021-39537",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39537"
},
{
"name": "CVE-2025-12380",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12380"
},
{
"name": "CVE-2022-42010",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42010"
},
{
"name": "CVE-2015-4787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4787"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2025-21847",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21847"
},
{
"name": "CVE-2022-2929",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2929"
},
{
"name": "CVE-2018-15120",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15120"
},
{
"name": "CVE-2024-58069",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58069"
},
{
"name": "CVE-2025-8556",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8556"
},
{
"name": "CVE-2023-0796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0796"
},
{
"name": "CVE-2025-21853",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21853"
},
{
"name": "CVE-2025-21871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21871"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2016-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0682"
},
{
"name": "CVE-2025-4287",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4287"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2025-21731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21731"
},
{
"name": "CVE-2023-48237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48237"
},
{
"name": "CVE-2023-48706",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48706"
},
{
"name": "CVE-2021-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3605"
},
{
"name": "CVE-2025-38515",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38515"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2024-25126",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25126"
},
{
"name": "CVE-2025-21941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21941"
},
{
"name": "CVE-2025-8277",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8277"
},
{
"name": "CVE-2025-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8941"
},
{
"name": "CVE-2017-10928",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10928"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2025-38163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38163"
},
{
"name": "CVE-2021-35567",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35567"
},
{
"name": "CVE-2017-12429",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12429"
},
{
"name": "CVE-2025-38444",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38444"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2019-8322",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8322"
},
{
"name": "CVE-2024-52615",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52615"
},
{
"name": "CVE-2020-14579",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14579"
},
{
"name": "CVE-2023-2157",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2157"
},
{
"name": "CVE-2025-32386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32386"
},
{
"name": "CVE-2025-21823",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21823"
},
{
"name": "CVE-2025-11731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11731"
},
{
"name": "CVE-2019-1010238",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238"
},
{
"name": "CVE-2024-26700",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26700"
},
{
"name": "CVE-2024-58082",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58082"
},
{
"name": "CVE-2024-35176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-35176"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2025-55551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55551"
},
{
"name": "CVE-2025-50100",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50100"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2025-21763",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21763"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2025-40780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40780"
},
{
"name": "CVE-2023-48368",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48368"
},
{
"name": "CVE-2014-4715",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4715"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2022-48554",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48554"
},
{
"name": "CVE-2022-0563",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0563"
},
{
"name": "CVE-2025-38157",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38157"
},
{
"name": "CVE-2023-24757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24757"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2025-21678",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21678"
},
{
"name": "CVE-2025-4056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4056"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2020-29562",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29562"
},
{
"name": "CVE-2022-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31683"
},
{
"name": "CVE-2020-22218",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22218"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-53062",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53062"
},
{
"name": "CVE-2015-4776",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4776"
},
{
"name": "CVE-2025-21872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21872"
},
{
"name": "CVE-2017-3616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3616"
},
{
"name": "CVE-2021-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2163"
},
{
"name": "CVE-2025-21922",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21922"
},
{
"name": "CVE-2025-27817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27817"
},
{
"name": "CVE-2023-30086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30086"
},
{
"name": "CVE-2017-6832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6832"
},
{
"name": "CVE-2022-2208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2208"
},
{
"name": "CVE-2024-45720",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45720"
},
{
"name": "CVE-2022-1056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1056"
},
{
"name": "CVE-2018-10805",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10805"
},
{
"name": "CVE-2019-19906",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19906"
},
{
"name": "CVE-2025-38219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38219"
},
{
"name": "CVE-2015-4785",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4785"
},
{
"name": "CVE-2025-38466",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38466"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2020-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15095"
},
{
"name": "CVE-2018-16328",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16328"
},
{
"name": "CVE-2024-38949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38949"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2025-5745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5745"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2022-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43239"
},
{
"name": "CVE-2022-41409",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41409"
},
{
"name": "CVE-2022-32546",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32546"
},
{
"name": "CVE-2025-0838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0838"
},
{
"name": "CVE-2024-57980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57980"
},
{
"name": "CVE-2023-5441",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5441"
},
{
"name": "CVE-2025-55553",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55553"
},
{
"name": "CVE-2024-12797",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12797"
},
{
"name": "CVE-2024-58011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58011"
},
{
"name": "CVE-2025-21796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21796"
},
{
"name": "CVE-2024-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12086"
},
{
"name": "CVE-2025-27219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27219"
},
{
"name": "CVE-2025-21691",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21691"
},
{
"name": "CVE-2021-4219",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4219"
},
{
"name": "CVE-2018-15798",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15798"
},
{
"name": "CVE-2025-55154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55154"
},
{
"name": "CVE-2025-49146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49146"
},
{
"name": "CVE-2025-40026",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40026"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2022-3153",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3153"
},
{
"name": "CVE-2022-2057",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2057"
},
{
"name": "CVE-2025-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5197"
},
{
"name": "CVE-2023-45283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45283"
},
{
"name": "CVE-2023-39328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39328"
},
{
"name": "CVE-2023-45853",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45853"
},
{
"name": "CVE-2024-47611",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47611"
},
{
"name": "CVE-2017-11447",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11447"
},
{
"name": "CVE-2019-8323",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8323"
},
{
"name": "CVE-2023-39593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39593"
},
{
"name": "CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"name": "CVE-2025-46569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46569"
},
{
"name": "CVE-2024-21068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21068"
},
{
"name": "CVE-2018-14434",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14434"
},
{
"name": "CVE-2019-6293",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6293"
},
{
"name": "CVE-2025-30703",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30703"
},
{
"name": "CVE-2025-21738",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21738"
},
{
"name": "CVE-2022-48522",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48522"
},
{
"name": "CVE-2025-21684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21684"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-26965",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26965"
},
{
"name": "CVE-2023-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2602"
},
{
"name": "CVE-2021-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2161"
},
{
"name": "CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2017-10140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10140"
},
{
"name": "CVE-2021-2341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2341"
},
{
"name": "CVE-2021-3468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3468"
},
{
"name": "CVE-2024-6232",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6232"
},
{
"name": "CVE-2024-58061",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58061"
},
{
"name": "CVE-2025-46148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46148"
},
{
"name": "CVE-2024-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58058"
},
{
"name": "CVE-2025-21768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21768"
},
{
"name": "CVE-2025-21864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21864"
},
{
"name": "CVE-2025-2149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2149"
},
{
"name": "CVE-2021-3502",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3502"
},
{
"name": "CVE-2025-6052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6052"
},
{
"name": "CVE-2018-16329",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16329"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2025-24813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24813"
},
{
"name": "CVE-2024-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58056"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2025-50080",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50080"
},
{
"name": "CVE-2025-21725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21725"
},
{
"name": "CVE-2024-43790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43790"
},
{
"name": "CVE-2025-38313",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38313"
},
{
"name": "CVE-2025-38336",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38336"
},
{
"name": "CVE-2022-2058",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2058"
},
{
"name": "CVE-2025-22009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22009"
},
{
"name": "CVE-2025-38061",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38061"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2025-21727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21727"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2015-4764",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4764"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2022-43240",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43240"
},
{
"name": "CVE-2020-1752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1752"
},
{
"name": "CVE-2025-5987",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5987"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2025-38375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38375"
},
{
"name": "CVE-2015-4779",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4779"
},
{
"name": "CVE-2021-20312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20312"
},
{
"name": "CVE-2025-4330",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4330"
},
{
"name": "CVE-2025-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2953"
},
{
"name": "CVE-2020-14593",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14593"
},
{
"name": "CVE-2025-21904",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21904"
},
{
"name": "CVE-2019-20838",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20838"
},
{
"name": "CVE-2025-37798",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37798"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2025-50078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50078"
},
{
"name": "CVE-2022-28739",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28739"
},
{
"name": "CVE-2024-26726",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26726"
},
{
"name": "CVE-2023-52593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52593"
},
{
"name": "CVE-2025-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3933"
},
{
"name": "CVE-2023-26785",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26785"
},
{
"name": "CVE-2025-49794",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49794"
},
{
"name": "CVE-2020-14664",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14664"
},
{
"name": "CVE-2023-48235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48235"
},
{
"name": "CVE-2024-57970",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57970"
},
{
"name": "CVE-2024-9287",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9287"
},
{
"name": "CVE-2025-21668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21668"
},
{
"name": "CVE-2025-22004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22004"
},
{
"name": "CVE-2022-32207",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32207"
},
{
"name": "CVE-2024-44939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-44939"
},
{
"name": "CVE-2024-43374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43374"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2025-21929",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21929"
},
{
"name": "CVE-2025-4138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4138"
},
{
"name": "CVE-2022-41722",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41722"
},
{
"name": "CVE-2022-3627",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3627"
},
{
"name": "CVE-2020-14797",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14797"
},
{
"name": "CVE-2025-21735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21735"
},
{
"name": "CVE-2024-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3596"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2024-27280",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27280"
},
{
"name": "CVE-2025-3000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3000"
},
{
"name": "CVE-2022-3213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3213"
},
{
"name": "CVE-2022-2867",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2867"
},
{
"name": "CVE-2023-36632",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36632"
},
{
"name": "CVE-2021-23177",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23177"
},
{
"name": "CVE-2020-14798",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14798"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2025-21839",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21839"
},
{
"name": "CVE-2025-38112",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38112"
},
{
"name": "CVE-2025-5878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5878"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2023-4016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4016"
},
{
"name": "CVE-2024-58063",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58063"
},
{
"name": "CVE-2015-4780",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4780"
},
{
"name": "CVE-2024-41957",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41957"
},
{
"name": "CVE-2025-38500",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38500"
},
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-24293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24293"
},
{
"name": "CVE-2025-8961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8961"
},
{
"name": "CVE-2025-21977",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21977"
},
{
"name": "CVE-2022-25147",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25147"
},
{
"name": "CVE-2025-21779",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21779"
},
{
"name": "CVE-2024-58005",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58005"
},
{
"name": "CVE-2025-21674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21674"
},
{
"name": "CVE-2022-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3598"
},
{
"name": "CVE-2025-30696",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30696"
},
{
"name": "CVE-2023-0798",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0798"
},
{
"name": "CVE-2025-21918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21918"
},
{
"name": "CVE-2025-38203",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38203"
},
{
"name": "CVE-2023-45285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45285"
},
{
"name": "CVE-2022-0909",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0909"
},
{
"name": "CVE-2025-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8176"
},
{
"name": "CVE-2023-28154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28154"
},
{
"name": "CVE-2023-48231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48231"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2023-38633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38633"
},
{
"name": "CVE-2025-21948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21948"
},
{
"name": "CVE-2023-2609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2609"
},
{
"name": "CVE-2025-53905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53905"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2021-46312",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46312"
},
{
"name": "CVE-2018-14628",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14628"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2022-38476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38476"
},
{
"name": "CVE-2019-6461",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6461"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2025-38004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38004"
},
{
"name": "CVE-2020-2773",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2773"
},
{
"name": "CVE-2015-5262",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5262"
},
{
"name": "CVE-2022-43244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43244"
},
{
"name": "CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"name": "CVE-2025-21753",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21753"
},
{
"name": "CVE-2017-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6004"
},
{
"name": "CVE-2023-45284",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45284"
},
{
"name": "CVE-2015-7696",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7696"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2025-38387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38387"
},
{
"name": "CVE-2023-45922",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45922"
},
{
"name": "CVE-2015-4754",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4754"
},
{
"name": "CVE-2025-21699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21699"
},
{
"name": "CVE-2025-38362",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38362"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2023-45322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45322"
},
{
"name": "CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-39046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-39046"
},
{
"name": "CVE-2020-14578",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14578"
},
{
"name": "CVE-2025-21584",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21584"
},
{
"name": "CVE-2022-42916",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42916"
},
{
"name": "CVE-2025-40004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40004"
},
{
"name": "CVE-2017-7619",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7619"
},
{
"name": "CVE-2024-8176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8176"
},
{
"name": "CVE-2020-2805",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2805"
},
{
"name": "CVE-2025-21712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21712"
},
{
"name": "CVE-2025-38371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38371"
},
{
"name": "CVE-2023-2731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2731"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2024-57982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57982"
},
{
"name": "CVE-2025-38445",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38445"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2023-0803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0803"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2025-21746",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21746"
},
{
"name": "CVE-2022-0391",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0391"
},
{
"name": "CVE-2023-1170",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1170"
},
{
"name": "CVE-2022-24070",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24070"
},
{
"name": "CVE-2025-38461",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38461"
},
{
"name": "CVE-2019-17547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-17547"
},
{
"name": "CVE-2024-45341",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45341"
},
{
"name": "CVE-2021-36411",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36411"
},
{
"name": "CVE-2023-30774",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30774"
},
{
"name": "CVE-2018-10919",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10919"
},
{
"name": "CVE-2024-13176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13176"
},
{
"name": "CVE-2020-2830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2830"
},
{
"name": "CVE-2025-53014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53014"
},
{
"name": "CVE-2025-7962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7962"
},
{
"name": "CVE-2022-21624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21624"
},
{
"name": "CVE-2020-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2781"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2018-10804",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10804"
},
{
"name": "CVE-2025-38159",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38159"
},
{
"name": "CVE-2022-0907",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0907"
},
{
"name": "CVE-2021-3421",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3421"
},
{
"name": "CVE-2022-21305",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21305"
},
{
"name": "CVE-2025-38066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38066"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2021-3670",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3670"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2025-4373",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4373"
},
{
"name": "CVE-2015-4790",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4790"
},
{
"name": "CVE-2025-4598",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4598"
},
{
"name": "CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"name": "CVE-2025-21836",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21836"
},
{
"name": "CVE-2025-21715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21715"
},
{
"name": "CVE-2024-6174",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6174"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2020-10735",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10735"
},
{
"name": "CVE-2025-38305",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38305"
},
{
"name": "CVE-2020-14556",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14556"
},
{
"name": "CVE-2025-38067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38067"
},
{
"name": "CVE-2025-50085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50085"
},
{
"name": "CVE-2025-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21781"
},
{
"name": "CVE-2024-58054",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58054"
},
{
"name": "CVE-2024-43398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43398"
},
{
"name": "CVE-2020-14792",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14792"
},
{
"name": "CVE-2019-16776",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16776"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-6779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6779"
},
{
"name": "CVE-2022-28738",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28738"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2024-8508",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8508"
},
{
"name": "CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"name": "CVE-2025-41248",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41248"
},
{
"name": "CVE-2022-49043",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49043"
},
{
"name": "CVE-2015-2624",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2624"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2025-40364",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40364"
},
{
"name": "CVE-2023-29491",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29491"
},
{
"name": "CVE-2025-38068",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38068"
},
{
"name": "CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"name": "CVE-2013-2064",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2064"
},
{
"name": "CVE-2025-38401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38401"
},
{
"name": "CVE-2025-21772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21772"
},
{
"name": "CVE-2021-20266",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20266"
},
{
"name": "CVE-2022-21271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21271"
},
{
"name": "CVE-2024-58070",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58070"
},
{
"name": "CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-34447",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34447"
},
{
"name": "CVE-2020-25663",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25663"
},
{
"name": "CVE-2022-0156",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0156"
},
{
"name": "CVE-2025-21914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21914"
},
{
"name": "CVE-2024-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58057"
},
{
"name": "CVE-2025-0306",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0306"
},
{
"name": "CVE-2025-1371",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1371"
},
{
"name": "CVE-2024-12798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12798"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2024-58007",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58007"
},
{
"name": "CVE-2023-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1355"
},
{
"name": "CVE-2025-21995",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21995"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2025-21868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21868"
},
{
"name": "CVE-2025-0938",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0938"
},
{
"name": "CVE-2025-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5372"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-37967",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37967"
},
{
"name": "CVE-2022-22844",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22844"
},
{
"name": "CVE-2025-21915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21915"
},
{
"name": "CVE-2019-13232",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13232"
},
{
"name": "CVE-2025-27210",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27210"
},
{
"name": "CVE-2025-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38102"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2025-21792",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21792"
},
{
"name": "CVE-2015-2654",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2654"
},
{
"name": "CVE-2025-55560",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55560"
},
{
"name": "CVE-2025-21728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21728"
},
{
"name": "CVE-2024-58018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58018"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2022-1210",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1210"
},
{
"name": "CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2015-4778",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4778"
},
{
"name": "CVE-2023-42670",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42670"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2024-58090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58090"
},
{
"name": "CVE-2025-59842",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59842"
},
{
"name": "CVE-2025-49125",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49125"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2024-27766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27766"
},
{
"name": "CVE-2025-37958",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37958"
},
{
"name": "CVE-2025-21714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21714"
},
{
"name": "CVE-2024-58078",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58078"
},
{
"name": "CVE-2023-32636",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32636"
},
{
"name": "CVE-2023-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6277"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2025-38399",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38399"
},
{
"name": "CVE-2025-21972",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21972"
},
{
"name": "CVE-2025-38065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38065"
},
{
"name": "CVE-2025-38459",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38459"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2023-34153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34153"
},
{
"name": "CVE-2023-3618",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3618"
},
{
"name": "CVE-2020-14153",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14153"
},
{
"name": "CVE-2022-1114",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1114"
},
{
"name": "CVE-2023-48233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48233"
},
{
"name": "CVE-2025-38412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38412"
},
{
"name": "CVE-2025-38031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38031"
},
{
"name": "CVE-2023-4813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4813"
},
{
"name": "CVE-2022-21626",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21626"
},
{
"name": "CVE-2011-2207",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2207"
},
{
"name": "CVE-2025-54874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54874"
},
{
"name": "CVE-2017-3617",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3617"
},
{
"name": "CVE-2024-53124",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53124"
},
{
"name": "CVE-2025-38293",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38293"
},
{
"name": "CVE-2025-58057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58057"
},
{
"name": "CVE-2025-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21830"
},
{
"name": "CVE-2018-12600",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12600"
},
{
"name": "CVE-2025-4877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4877"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2020-14781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14781"
},
{
"name": "CVE-2016-3189",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3189"
},
{
"name": "CVE-2023-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4154"
},
{
"name": "CVE-2025-38184",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38184"
},
{
"name": "CVE-2017-3615",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3615"
},
{
"name": "CVE-2022-0714",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0714"
},
{
"name": "CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2025-9340",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9340"
},
{
"name": "CVE-2023-24758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24758"
},
{
"name": "CVE-2025-55552",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55552"
},
{
"name": "CVE-2025-30683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30683"
},
{
"name": "CVE-2025-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30699"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2024-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4030"
},
{
"name": "CVE-2025-27587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27587"
},
{
"name": "CVE-2016-7531",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7531"
},
{
"name": "CVE-2006-3082",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-3082"
},
{
"name": "CVE-2023-5341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5341"
},
{
"name": "CVE-2025-8534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8534"
},
{
"name": "CVE-2025-21767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21767"
},
{
"name": "CVE-2025-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3262"
},
{
"name": "CVE-2025-21986",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21986"
},
{
"name": "CVE-2025-22866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
},
{
"name": "CVE-2025-1390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1390"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-0743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0743"
},
{
"name": "CVE-2025-21961",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21961"
},
{
"name": "CVE-2025-38458",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38458"
},
{
"name": "CVE-2025-6297",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6297"
},
{
"name": "CVE-2016-10062",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10062"
},
{
"name": "CVE-2025-21764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21764"
},
{
"name": "CVE-2024-57974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57974"
},
{
"name": "CVE-2024-58093",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58093"
},
{
"name": "CVE-2023-34152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34152"
},
{
"name": "CVE-2022-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43249"
},
{
"name": "CVE-2025-38034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38034"
},
{
"name": "CVE-2024-58085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58085"
},
{
"name": "CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"name": "CVE-2017-3608",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3608"
},
{
"name": "CVE-2025-47268",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47268"
},
{
"name": "CVE-2025-21690",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21690"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2024-57996",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57996"
},
{
"name": "CVE-2025-38135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38135"
},
{
"name": "CVE-2023-28484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28484"
},
{
"name": "CVE-2022-43242",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43242"
},
{
"name": "CVE-2019-2708",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-2708"
},
{
"name": "CVE-2025-38312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38312"
},
{
"name": "CVE-2016-0692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0692"
},
{
"name": "CVE-2019-14844",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14844"
},
{
"name": "CVE-2022-21366",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21366"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-38464",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38464"
},
{
"name": "CVE-2025-21946",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21946"
},
{
"name": "CVE-2025-21838",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21838"
},
{
"name": "CVE-2025-21982",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21982"
},
{
"name": "CVE-2025-21867",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21867"
},
{
"name": "CVE-2025-21666",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21666"
},
{
"name": "CVE-2023-0802",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0802"
},
{
"name": "CVE-2025-53859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53859"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2025-21828",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21828"
},
{
"name": "CVE-2023-47038",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47038"
},
{
"name": "CVE-2025-23167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23167"
},
{
"name": "CVE-2025-38363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38363"
},
{
"name": "CVE-2025-21704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21704"
},
{
"name": "CVE-2025-21936",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21936"
},
{
"name": "CVE-2022-0865",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0865"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2025-38319",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38319"
},
{
"name": "CVE-2025-43859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43859"
},
{
"name": "CVE-2024-58013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58013"
},
{
"name": "CVE-2022-0529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0529"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2016-7514",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7514"
},
{
"name": "CVE-2015-4782",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4782"
},
{
"name": "CVE-2025-21909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21909"
},
{
"name": "CVE-2022-2056",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2056"
},
{
"name": "CVE-2025-9092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9092"
},
{
"name": "CVE-2025-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21766"
},
{
"name": "CVE-2025-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38457"
},
{
"name": "CVE-2024-54677",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54677"
},
{
"name": "CVE-2021-3598",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3598"
},
{
"name": "CVE-2025-21880",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21880"
},
{
"name": "CVE-2025-50094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50094"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2025-21959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21959"
},
{
"name": "CVE-2024-38809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38809"
},
{
"name": "CVE-2025-38212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38212"
},
{
"name": "CVE-2017-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3610"
},
{
"name": "CVE-2023-1264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1264"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2024-58266",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58266"
},
{
"name": "CVE-2025-38298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38298"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2025-50098",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50098"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2018-1000076",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076"
},
{
"name": "CVE-2022-4293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4293"
},
{
"name": "CVE-2025-37974",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37974"
},
{
"name": "CVE-2025-5915",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5915"
},
{
"name": "CVE-2024-57834",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57834"
},
{
"name": "CVE-2025-55197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55197"
},
{
"name": "CVE-2022-32743",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32743"
},
{
"name": "CVE-2025-55558",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55558"
},
{
"name": "CVE-2022-21291",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21291"
},
{
"name": "CVE-2024-58017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58017"
},
{
"name": "CVE-2025-5917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5917"
},
{
"name": "CVE-2025-26603",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26603"
},
{
"name": "CVE-2023-35116",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35116"
},
{
"name": "CVE-2025-38078",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38078"
},
{
"name": "CVE-2025-21809",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21809"
},
{
"name": "CVE-2025-38419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38419"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2021-32490",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32490"
},
{
"name": "CVE-2020-27768",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27768"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-50086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50086"
},
{
"name": "CVE-2016-5118",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5118"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2023-46045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46045"
},
{
"name": "CVE-2025-37889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37889"
},
{
"name": "CVE-2021-3995",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3995"
},
{
"name": "CVE-2015-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4788"
},
{
"name": "CVE-2025-55557",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55557"
},
{
"name": "CVE-2024-12085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12085"
},
{
"name": "CVE-2022-24599",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24599"
},
{
"name": "CVE-2025-21981",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21981"
},
{
"name": "CVE-2025-38211",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38211"
},
{
"name": "CVE-2025-2999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2999"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2025-21910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21910"
},
{
"name": "CVE-2021-35452",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35452"
},
{
"name": "CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2020-10251",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10251"
},
{
"name": "CVE-2024-11584",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11584"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2020-2981",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2981"
},
{
"name": "CVE-2025-21745",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21745"
},
{
"name": "CVE-2025-21791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21791"
},
{
"name": "CVE-2020-18781",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18781"
},
{
"name": "CVE-2025-7709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7709"
},
{
"name": "CVE-2024-52559",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52559"
},
{
"name": "CVE-2025-38077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38077"
},
{
"name": "CVE-2025-38251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38251"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2025-38120",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38120"
},
{
"name": "CVE-2017-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7186"
},
{
"name": "CVE-2025-38285",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38285"
},
{
"name": "CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"name": "CVE-2025-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37750"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2025-21795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21795"
},
{
"name": "CVE-2025-8194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8194"
},
{
"name": "CVE-2025-22014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22014"
},
{
"name": "CVE-2025-38161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38161"
},
{
"name": "CVE-2025-9640",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9640"
},
{
"name": "CVE-2022-1897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1897"
},
{
"name": "CVE-2022-43248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43248"
},
{
"name": "CVE-2016-3418",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3418"
},
{
"name": "CVE-2022-29824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29824"
},
{
"name": "CVE-2024-58081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58081"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2024-11053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11053"
},
{
"name": "CVE-2024-7264",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7264"
},
{
"name": "CVE-2025-21814",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21814"
},
{
"name": "CVE-2025-50082",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50082"
},
{
"name": "CVE-2017-6829",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6829"
},
{
"name": "CVE-2025-32462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
},
{
"name": "CVE-2025-40027",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40027"
},
{
"name": "CVE-2025-50097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50097"
},
{
"name": "CVE-2021-4214",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4214"
},
{
"name": "CVE-2025-21911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21911"
},
{
"name": "CVE-2023-24752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24752"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2024-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21742"
},
{
"name": "CVE-2022-43245",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43245"
},
{
"name": "CVE-2015-2656",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2656"
},
{
"name": "CVE-2025-50084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50084"
},
{
"name": "CVE-2018-9133",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9133"
},
{
"name": "CVE-2025-50079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50079"
},
{
"name": "CVE-2025-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38115"
},
{
"name": "CVE-2025-21758",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21758"
},
{
"name": "CVE-2023-0767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0767"
},
{
"name": "CVE-2025-21816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21816"
},
{
"name": "CVE-2025-1795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1795"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2025-21996",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21996"
},
{
"name": "CVE-2021-36410",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36410"
},
{
"name": "CVE-2025-21780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21780"
},
{
"name": "CVE-2017-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3612"
},
{
"name": "CVE-2024-12705",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12705"
},
{
"name": "CVE-2025-38153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38153"
},
{
"name": "CVE-2025-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21787"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31439"
},
{
"name": "CVE-2023-51074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51074"
},
{
"name": "CVE-2023-23915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23915"
},
{
"name": "CVE-2025-4517",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4517"
},
{
"name": "CVE-2018-1000074",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074"
},
{
"name": "CVE-2025-37785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37785"
},
{
"name": "CVE-2025-21776",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21776"
},
{
"name": "CVE-2024-58003",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58003"
},
{
"name": "CVE-2025-21917",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21917"
},
{
"name": "CVE-2025-21706",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21706"
},
{
"name": "CVE-2025-48964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48964"
},
{
"name": "CVE-2025-55193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55193"
},
{
"name": "CVE-2025-38395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38395"
},
{
"name": "CVE-2023-29499",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29499"
},
{
"name": "CVE-2025-21574",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21574"
},
{
"name": "CVE-2022-42011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42011"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2025-38337",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38337"
},
{
"name": "CVE-2025-21957",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21957"
},
{
"name": "CVE-2025-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38727"
},
{
"name": "CVE-2022-41720",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41720"
},
{
"name": "CVE-2024-1013",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1013"
},
{
"name": "CVE-2022-0319",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0319"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2025-30258",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30258"
},
{
"name": "CVE-2025-21999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21999"
},
{
"name": "CVE-2025-4565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4565"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2025-38465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38465"
},
{
"name": "CVE-2024-56406",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56406"
},
{
"name": "CVE-2025-38513",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38513"
},
{
"name": "CVE-2025-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21736"
},
{
"name": "CVE-2025-21997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21997"
},
{
"name": "CVE-2025-21741",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21741"
},
{
"name": "CVE-2020-18032",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-18032"
},
{
"name": "CVE-2017-6833",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6833"
},
{
"name": "CVE-2025-21808",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21808"
},
{
"name": "CVE-2019-8324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8324"
},
{
"name": "CVE-2020-2754",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2754"
},
{
"name": "CVE-2025-38086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38086"
},
{
"name": "CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"name": "CVE-2024-58076",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58076"
},
{
"name": "CVE-2023-24751",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24751"
},
{
"name": "CVE-2025-21708",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21708"
},
{
"name": "CVE-2015-4784",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4784"
},
{
"name": "CVE-2021-4048",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4048"
},
{
"name": "CVE-2023-4527",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4527"
},
{
"name": "CVE-2022-2980",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2980"
},
{
"name": "CVE-2025-5278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5278"
},
{
"name": "CVE-2025-21992",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21992"
},
{
"name": "CVE-2025-21720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21720"
},
{
"name": "CVE-2025-32463",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32463"
},
{
"name": "CVE-2015-7747",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7747"
},
{
"name": "CVE-2025-52999",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2024-41965",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41965"
},
{
"name": "CVE-2020-14796",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14796"
},
{
"name": "CVE-2024-56433",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56433"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2025-55004",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55004"
},
{
"name": "CVE-2014-8139",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8139"
},
{
"name": "CVE-2025-21580",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21580"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-5318",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5318"
},
{
"name": "CVE-2025-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38003"
},
{
"name": "CVE-2025-38441",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38441"
},
{
"name": "CVE-2023-51767",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51767"
},
{
"name": "CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"name": "CVE-2023-6918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6918"
},
{
"name": "CVE-2023-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38037"
},
{
"name": "CVE-2012-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5783"
},
{
"name": "CVE-2022-2519",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2519"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-53023",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53023"
},
{
"name": "CVE-2025-21711",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21711"
},
{
"name": "CVE-2025-2998",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2998"
},
{
"name": "CVE-2023-51792",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51792"
},
{
"name": "CVE-2021-20313",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20313"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2023-23931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23931"
},
{
"name": "CVE-2025-21575",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21575"
},
{
"name": "CVE-2025-21978",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21978"
},
{
"name": "CVE-2019-16777",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16777"
},
{
"name": "CVE-2025-21760",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21760"
},
{
"name": "CVE-2023-45913",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45913"
},
{
"name": "CVE-2018-13153",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13153"
},
{
"name": "CVE-2022-0530",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0530"
},
{
"name": "CVE-2023-48236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48236"
},
{
"name": "CVE-2025-21947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21947"
},
{
"name": "CVE-2025-21913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21913"
},
{
"name": "CVE-2023-34474",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34474"
},
{
"name": "CVE-2025-21665",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21665"
},
{
"name": "CVE-2025-38227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38227"
},
{
"name": "CVE-2018-1000079",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079"
},
{
"name": "CVE-2025-4435",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4435"
},
{
"name": "CVE-2024-58079",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58079"
},
{
"name": "CVE-2025-21966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21966"
},
{
"name": "CVE-2025-21577",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21577"
},
{
"name": "CVE-2021-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45931"
},
{
"name": "CVE-2025-38079",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38079"
},
{
"name": "CVE-2021-28544",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28544"
},
{
"name": "CVE-2021-46828",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46828"
},
{
"name": "CVE-2025-21734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21734"
},
{
"name": "CVE-2025-32728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32728"
},
{
"name": "CVE-2023-2804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2804"
},
{
"name": "CVE-2025-21970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21970"
},
{
"name": "CVE-2021-44964",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44964"
},
{
"name": "CVE-2025-6141",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6141"
},
{
"name": "CVE-2022-42012",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42012"
},
{
"name": "CVE-2018-14437",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14437"
},
{
"name": "CVE-2024-13978",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-13978"
},
{
"name": "CVE-2025-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21890"
},
{
"name": "CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"name": "CVE-2021-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3596"
},
{
"name": "CVE-2025-21916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21916"
},
{
"name": "CVE-2025-21925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21925"
},
{
"name": "CVE-2024-57883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57883"
},
{
"name": "CVE-2022-21628",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21628"
},
{
"name": "CVE-2017-6830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6830"
},
{
"name": "CVE-2025-21927",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21927"
},
{
"name": "CVE-2021-3520",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3520"
},
{
"name": "CVE-2024-47814",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47814"
},
{
"name": "CVE-2022-2923",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2923"
},
{
"name": "CVE-2025-21799",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21799"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2025-6020",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6020"
},
{
"name": "CVE-2015-2626",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2626"
},
{
"name": "CVE-2024-45336",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
},
{
"name": "CVE-2025-21748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21748"
},
{
"name": "CVE-2025-21785",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21785"
},
{
"name": "CVE-2020-10029",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10029"
},
{
"name": "CVE-2025-7425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7425"
},
{
"name": "CVE-2023-3978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3978"
},
{
"name": "CVE-2021-46310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46310"
},
{
"name": "CVE-2022-36227",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36227"
},
{
"name": "CVE-2021-2369",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2369"
},
{
"name": "CVE-2025-21883",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21883"
},
{
"name": "CVE-2023-29469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29469"
},
{
"name": "CVE-2024-5535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5535"
},
{
"name": "CVE-2025-38074",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38074"
},
{
"name": "CVE-2024-58086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58086"
},
{
"name": "CVE-2025-38119",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38119"
},
{
"name": "CVE-2025-38245",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38245"
},
{
"name": "CVE-2022-37454",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37454"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2025-21898",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21898"
},
{
"name": "CVE-2020-14152",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14152"
},
{
"name": "CVE-2025-38324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38324"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2021-36976",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36976"
},
{
"name": "CVE-2024-58051",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58051"
},
{
"name": "CVE-2023-3164",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3164"
},
{
"name": "CVE-2022-3597",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3597"
},
{
"name": "CVE-2023-27535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27535"
},
{
"name": "CVE-2022-27775",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27775"
},
{
"name": "CVE-2024-56337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56337"
},
{
"name": "CVE-2024-12718",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12718"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2025-9390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9390"
},
{
"name": "CVE-2025-62813",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62813"
},
{
"name": "CVE-2025-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21857"
},
{
"name": "CVE-2019-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9904"
},
{
"name": "CVE-2025-23085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23085"
},
{
"name": "CVE-2022-42919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42919"
},
{
"name": "CVE-2024-0450",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0450"
},
{
"name": "CVE-2025-9165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9165"
},
{
"name": "CVE-2023-1981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1981"
},
{
"name": "CVE-2023-30571",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30571"
},
{
"name": "CVE-2022-2231",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2231"
},
{
"name": "CVE-2025-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46150"
},
{
"name": "CVE-2024-12801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12801"
},
{
"name": "CVE-2024-5642",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5642"
},
{
"name": "CVE-2024-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3219"
},
{
"name": "CVE-2025-21812",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21812"
},
{
"name": "CVE-2015-4781",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4781"
},
{
"name": "CVE-2023-23914",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23914"
},
{
"name": "CVE-2025-38542",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38542"
},
{
"name": "CVE-2025-38344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38344"
},
{
"name": "CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"name": "CVE-2025-37797",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37797"
},
{
"name": "CVE-2025-21848",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21848"
},
{
"name": "CVE-2021-3999",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3999"
},
{
"name": "CVE-2012-6153",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6153"
},
{
"name": "CVE-2025-38088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38088"
},
{
"name": "CVE-2025-50096",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50096"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2024-47554",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47554"
},
{
"name": "CVE-2022-27774",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27774"
},
{
"name": "CVE-2025-21683",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21683"
},
{
"name": "CVE-2025-38332",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38332"
},
{
"name": "CVE-2020-35492",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35492"
},
{
"name": "CVE-2025-21908",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21908"
},
{
"name": "CVE-2023-1289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1289"
},
{
"name": "CVE-2025-38386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38386"
},
{
"name": "CVE-2023-6349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6349"
},
{
"name": "CVE-2024-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2004"
},
{
"name": "CVE-2017-3605",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3605"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2022-40303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40303"
},
{
"name": "CVE-2023-0801",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0801"
},
{
"name": "CVE-2025-9341",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9341"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2017-7244",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7244"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2025-21895",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21895"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1377"
},
{
"name": "CVE-2025-30705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30705"
},
{
"name": "CVE-2018-16412",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16412"
},
{
"name": "CVE-2025-22005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22005"
},
{
"name": "CVE-2019-6462",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-6462"
},
{
"name": "CVE-2025-21935",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21935"
},
{
"name": "CVE-2022-4645",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4645"
},
{
"name": "CVE-2021-32493",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32493"
},
{
"name": "CVE-2023-24754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24754"
},
{
"name": "CVE-2020-29509",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29509"
},
{
"name": "CVE-2023-5568",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5568"
},
{
"name": "CVE-2023-38470",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38470"
},
{
"name": "CVE-2025-21675",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21675"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2025-38237",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38237"
},
{
"name": "CVE-2025-38174",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38174"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-21587",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
},
{
"name": "CVE-2022-2869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2869"
},
{
"name": "CVE-2021-4189",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4189"
},
{
"name": "CVE-2025-50088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50088"
},
{
"name": "CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"name": "CVE-2023-35945",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35945"
},
{
"name": "CVE-2024-45993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45993"
},
{
"name": "CVE-2025-6170",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6170"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-58019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58019"
},
{
"name": "CVE-2025-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9900"
},
{
"name": "CVE-2024-26146",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26146"
},
{
"name": "CVE-2025-21888",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21888"
},
{
"name": "CVE-2025-21866",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21866"
},
{
"name": "CVE-2023-40745",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40745"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2025-3730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3730"
},
{
"name": "CVE-2025-22010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22010"
},
{
"name": "CVE-2024-25260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25260"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2025-38037",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38037"
},
{
"name": "CVE-2017-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3609"
},
{
"name": "CVE-2024-57990",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57990"
},
{
"name": "CVE-2021-29921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29921"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2014-9636",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9636"
},
{
"name": "CVE-2025-5351",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5351"
},
{
"name": "CVE-2025-52520",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52520"
},
{
"name": "CVE-2022-1622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1622"
},
{
"name": "CVE-2017-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3611"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2022-2521",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2521"
},
{
"name": "CVE-2023-49582",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49582"
},
{
"name": "CVE-2025-43857",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43857"
},
{
"name": "CVE-2025-31344",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31344"
},
{
"name": "CVE-2025-21976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21976"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2024-57975",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57975"
},
{
"name": "CVE-2020-14581",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14581"
},
{
"name": "CVE-2024-7254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7254"
},
{
"name": "CVE-2021-32491",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32491"
},
{
"name": "CVE-2025-50077",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50077"
},
{
"name": "CVE-2022-2309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2309"
},
{
"name": "CVE-2024-52533",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52533"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22025"
},
{
"name": "CVE-2021-43527",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43527"
},
{
"name": "CVE-2022-0924",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0924"
},
{
"name": "CVE-2025-24014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24014"
},
{
"name": "CVE-2022-33068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33068"
},
{
"name": "CVE-2025-38342",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38342"
},
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2024-58068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58068"
},
{
"name": "CVE-2025-23083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23083"
},
{
"name": "CVE-2015-4777",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4777"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-38167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38167"
},
{
"name": "CVE-2022-42915",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42915"
},
{
"name": "CVE-2023-0687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0687"
},
{
"name": "CVE-2024-57998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57998"
},
{
"name": "CVE-2021-3426",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3426"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-1304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1304"
},
{
"name": "CVE-2021-2388",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-2388"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2025-38257",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38257"
},
{
"name": "CVE-2022-29458",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29458"
},
{
"name": "CVE-2025-38206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38206"
},
{
"name": "CVE-2019-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12900"
},
{
"name": "CVE-2023-5156",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5156"
},
{
"name": "CVE-2024-39908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39908"
},
{
"name": "CVE-2025-27220",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27220"
},
{
"name": "CVE-2021-32256",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32256"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2024-38950",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38950"
},
{
"name": "CVE-2025-55163",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55163"
},
{
"name": "CVE-2025-21862",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21862"
},
{
"name": "CVE-2023-47282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47282"
},
{
"name": "CVE-2016-20012",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-20012"
},
{
"name": "CVE-2025-38111",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38111"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2022-44638",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44638"
},
{
"name": "CVE-2019-8325",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8325"
},
{
"name": "CVE-2025-21950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21950"
},
{
"name": "CVE-2025-5918",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5918"
},
{
"name": "CVE-2019-3792",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3792"
},
{
"name": "CVE-2022-43235",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43235"
},
{
"name": "CVE-2025-50092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50092"
},
{
"name": "CVE-2025-50099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50099"
},
{
"name": "CVE-2017-3614",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3614"
},
{
"name": "CVE-2022-0562",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0562"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2025-22001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22001"
},
{
"name": "CVE-2024-10524",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10524"
},
{
"name": "CVE-2025-40017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40017"
},
{
"name": "CVE-2023-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45919"
},
{
"name": "CVE-2025-38326",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38326"
},
{
"name": "CVE-2025-3263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3263"
},
{
"name": "CVE-2025-4878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4878"
},
{
"name": "CVE-2018-15607",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-15607"
},
{
"name": "CVE-2025-21899",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21899"
},
{
"name": "CVE-2025-32990",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32990"
},
{
"name": "CVE-2025-38384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38384"
},
{
"name": "CVE-2025-40778",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40778"
},
{
"name": "CVE-2025-21719",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21719"
},
{
"name": "CVE-2025-38424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38424"
},
{
"name": "CVE-2025-38430",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38430"
},
{
"name": "CVE-2025-21718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21718"
},
{
"name": "CVE-2025-3001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3001"
},
{
"name": "CVE-2025-9288",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2022-32545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32545"
},
{
"name": "CVE-2025-21694",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21694"
},
{
"name": "CVE-2025-41244",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41244"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2023-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2603"
},
{
"name": "CVE-2025-21820",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21820"
},
{
"name": "CVE-2017-6838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6838"
},
{
"name": "CVE-2024-41946",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41946"
},
{
"name": "CVE-2025-4802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4802"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-41817",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41817"
},
{
"name": "CVE-2024-57979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57979"
},
{
"name": "CVE-2024-58071",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58071"
},
{
"name": "CVE-2025-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21994"
},
{
"name": "CVE-2025-30684",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30684"
},
{
"name": "CVE-2017-6835",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6835"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2024-9143",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-9143"
},
{
"name": "CVE-2023-0799",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0799"
},
{
"name": "CVE-2024-12087",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12087"
},
{
"name": "CVE-2025-38420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38420"
},
{
"name": "CVE-2021-3521",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3521"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-21365",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21365"
},
{
"name": "CVE-2025-21943",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21943"
},
{
"name": "CVE-2019-16775",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16775"
},
{
"name": "CVE-2024-57997",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57997"
},
{
"name": "CVE-2025-38160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38160"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2025-32989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32989"
},
{
"name": "CVE-2025-6051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6051"
},
{
"name": "CVE-2022-21283",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21283"
},
{
"name": "CVE-2022-31782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31782"
},
{
"name": "CVE-2025-50093",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50093"
},
{
"name": "CVE-2025-38107",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38107"
},
{
"name": "CVE-2025-32434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32434"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-53069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53069"
},
{
"name": "CVE-2025-38085",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38085"
},
{
"name": "CVE-2025-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21806"
},
{
"name": "CVE-2025-38222",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38222"
},
{
"name": "CVE-2025-38197",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38197"
},
{
"name": "CVE-2022-1271",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1271"
},
{
"name": "CVE-2024-28085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28085"
},
{
"name": "CVE-2022-43253",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43253"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2024-57977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57977"
},
{
"name": "CVE-2018-1000075",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075"
},
{
"name": "CVE-2025-53019",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53019"
},
{
"name": "CVE-2020-14782",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14782"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2024-5569",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5569"
},
{
"name": "CVE-2024-57952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57952"
},
{
"name": "CVE-2025-53367",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53367"
},
{
"name": "CVE-2025-21579",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21579"
},
{
"name": "CVE-2021-45942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45942"
},
{
"name": "CVE-2022-1615",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1615"
},
{
"name": "CVE-2025-21928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21928"
},
{
"name": "CVE-2021-20246",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20246"
},
{
"name": "CVE-2025-21707",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21707"
},
{
"name": "CVE-2023-24755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24755"
},
{
"name": "CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2025-5025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5025"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2025-22007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22007"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2024-27281",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27281"
},
{
"name": "CVE-2025-38467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38467"
},
{
"name": "CVE-2024-34459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34459"
},
{
"name": "CVE-2025-21804",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21804"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-3737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3737"
},
{
"name": "CVE-2025-49795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49795"
},
{
"name": "CVE-2017-6837",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6837"
},
{
"name": "CVE-2014-9913",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9913"
},
{
"name": "CVE-2025-21934",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21934"
},
{
"name": "CVE-2025-38072",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38072"
},
{
"name": "CVE-2025-53044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53044"
},
{
"name": "CVE-2023-6237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6237"
},
{
"name": "CVE-2024-37407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37407"
},
{
"name": "CVE-2015-4775",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4775"
},
{
"name": "CVE-2025-22011",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22011"
},
{
"name": "CVE-2022-1725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1725"
},
{
"name": "CVE-2022-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43252"
},
{
"name": "CVE-2023-0614",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0614"
},
{
"name": "CVE-2016-0694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0694"
},
{
"name": "CVE-2023-6228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6228"
},
{
"name": "CVE-2021-46848",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-46848"
},
{
"name": "CVE-2024-5197",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-5197"
},
{
"name": "CVE-2020-21606",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21606"
},
{
"name": "CVE-2025-38075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38075"
},
{
"name": "CVE-2025-38000",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38000"
},
{
"name": "CVE-2022-40674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40674"
},
{
"name": "CVE-2025-1376",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1376"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2001-1269",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1269"
},
{
"name": "CVE-2025-50087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50087"
},
{
"name": "CVE-2024-22365",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22365"
},
{
"name": "CVE-2025-38058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38058"
},
{
"name": "CVE-2023-20873",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20873"
},
{
"name": "CVE-2024-47535",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47535"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2025-38617",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38617"
},
{
"name": "CVE-2025-21762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21762"
},
{
"name": "CVE-2023-47169",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47169"
},
{
"name": "CVE-2025-38122",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38122"
},
{
"name": "CVE-2025-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21801"
},
{
"name": "CVE-2024-7592",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7592"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
},
{
"name": "CVE-2025-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38083"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-0795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0795"
},
{
"name": "CVE-2015-2583",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2583"
},
{
"name": "CVE-2025-21692",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21692"
},
{
"name": "CVE-2025-38173",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38173"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2025-2148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2148"
},
{
"name": "CVE-2024-2236",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2236"
},
{
"name": "CVE-2025-38143",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38143"
},
{
"name": "CVE-2023-4039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4039"
},
{
"name": "CVE-2025-45768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45768"
},
{
"name": "CVE-2023-38469",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38469"
},
{
"name": "CVE-2024-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38428"
},
{
"name": "CVE-2022-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3821"
},
{
"name": "CVE-2014-3577",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3577"
},
{
"name": "CVE-2025-21869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21869"
},
{
"name": "CVE-2025-1365",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1365"
},
{
"name": "CVE-2023-32570",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32570"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2023-52970",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52970"
},
{
"name": "CVE-2022-3996",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3996"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2016-5841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5841"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2025-53101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53101"
},
{
"name": "CVE-2022-32205",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32205"
},
{
"name": "CVE-2023-27534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27534"
},
{
"name": "CVE-2024-2398",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2398"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-27536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27536"
},
{
"name": "CVE-2025-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52434"
},
{
"name": "CVE-2024-54458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54458"
},
{
"name": "CVE-2022-44267",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44267"
},
{
"name": "CVE-2024-26141",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26141"
},
{
"name": "CVE-2015-4783",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4783"
},
{
"name": "CVE-2019-8321",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8321"
},
{
"name": "CVE-2025-21826",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21826"
},
{
"name": "CVE-2025-29768",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29768"
},
{
"name": "CVE-2015-4774",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4774"
},
{
"name": "CVE-2023-50495",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50495"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-21294",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21294"
},
{
"name": "CVE-2025-21750",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21750"
},
{
"name": "CVE-2017-11164",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11164"
},
{
"name": "CVE-2024-57924",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57924"
},
{
"name": "CVE-2025-21912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21912"
},
{
"name": "CVE-2018-13440",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13440"
},
{
"name": "CVE-2022-42898",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42898"
},
{
"name": "CVE-2025-46393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46393"
},
{
"name": "CVE-2022-43551",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43551"
},
{
"name": "CVE-2021-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0561"
},
{
"name": "CVE-2018-12599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12599"
},
{
"name": "CVE-2025-21859",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21859"
},
{
"name": "CVE-2025-38416",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38416"
},
{
"name": "CVE-2022-1587",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1587"
},
{
"name": "CVE-2025-21825",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21825"
},
{
"name": "CVE-2025-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
},
{
"name": "CVE-2017-7246",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7246"
},
{
"name": "CVE-2020-2755",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2755"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2023-27533",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27533"
},
{
"name": "CVE-2022-0284",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0284"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-49124",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49124"
},
{
"name": "CVE-2023-6481",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6481"
},
{
"name": "CVE-2024-58016",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58016"
},
{
"name": "CVE-2020-14779",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14779"
},
{
"name": "CVE-2025-21903",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21903"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-32292",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32292"
},
{
"name": "CVE-2025-38194",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38194"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-6378",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6378"
},
{
"name": "CVE-2024-10041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10041"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-34903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34903"
},
{
"name": "CVE-2023-1667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1667"
},
{
"name": "CVE-2022-2953",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2953"
},
{
"name": "CVE-2022-43238",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43238"
},
{
"name": "CVE-2025-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3121"
},
{
"name": "CVE-2022-4899",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4899"
},
{
"name": "CVE-2022-43680",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43680"
},
{
"name": "CVE-2025-21956",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21956"
},
{
"name": "CVE-2024-20696",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20696"
},
{
"name": "CVE-2025-21761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21761"
},
{
"name": "CVE-2025-46149",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46149"
},
{
"name": "CVE-2021-26945",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26945"
},
{
"name": "CVE-2025-37932",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37932"
},
{
"name": "CVE-2022-3219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3219"
},
{
"name": "CVE-2025-46152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46152"
},
{
"name": "CVE-2025-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37890"
},
{
"name": "CVE-2024-57951",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57951"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2025-38348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38348"
},
{
"name": "CVE-2023-34969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34969"
},
{
"name": "CVE-2025-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21844"
},
{
"name": "CVE-2025-21885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21885"
},
{
"name": "CVE-2020-22916",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-22916"
},
{
"name": "CVE-2025-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21784"
},
{
"name": "CVE-2025-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31672"
},
{
"name": "CVE-2025-21681",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21681"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2025-38540",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38540"
},
{
"name": "CVE-2025-5916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5916"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2025-30721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30721"
},
{
"name": "CVE-2025-38403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38403"
},
{
"name": "CVE-2022-28463",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28463"
},
{
"name": "CVE-2022-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23308"
},
{
"name": "CVE-2025-21726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21726"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2025-58056",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58056"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2018-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-3779"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2020-28196",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28196"
},
{
"name": "CVE-2024-27407",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27407"
},
{
"name": "CVE-2025-41232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41232"
},
{
"name": "CVE-2024-58020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58020"
},
{
"name": "CVE-2025-50091",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50091"
},
{
"name": "CVE-2025-10911",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10911"
},
{
"name": "CVE-2025-32988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32988"
},
{
"name": "CVE-2021-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31566"
},
{
"name": "CVE-2024-10963",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-10963"
},
{
"name": "CVE-2022-28805",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28805"
},
{
"name": "CVE-2024-26461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26461"
},
{
"name": "CVE-2024-34750",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34750"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2017-3604",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3604"
},
{
"name": "CVE-2025-21723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21723"
},
{
"name": "CVE-2023-0804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0804"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2024-24787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24787"
},
{
"name": "CVE-2025-21802",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21802"
},
{
"name": "CVE-2022-21341",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21341"
},
{
"name": "CVE-2025-38146",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38146"
},
{
"name": "CVE-2025-21705",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21705"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2023-27538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27538"
},
{
"name": "CVE-2022-1355",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1355"
},
{
"name": "CVE-2025-47291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47291"
},
{
"name": "CVE-2023-4641",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4641"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-36054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36054"
},
{
"name": "CVE-2024-26458",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26458"
},
{
"name": "CVE-2025-38418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38418"
},
{
"name": "CVE-2025-38090",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38090"
},
{
"name": "CVE-2025-21721",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21721"
},
{
"name": "CVE-2025-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21810"
},
{
"name": "CVE-2022-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1420"
},
{
"name": "CVE-2022-23218",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23218"
},
{
"name": "CVE-2021-24031",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24031"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2025-46153",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46153"
},
{
"name": "CVE-2025-21877",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21877"
},
{
"name": "CVE-2023-0797",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0797"
},
{
"name": "CVE-2025-5994",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5994"
},
{
"name": "CVE-2021-38115",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38115"
},
{
"name": "CVE-2025-38415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38415"
},
{
"name": "CVE-2021-31879",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31879"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2020-8908",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8908"
},
{
"name": "CVE-2024-49887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49887"
},
{
"name": "CVE-2025-22134",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22134"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2025-1215",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1215"
},
{
"name": "CVE-2024-6119",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6119"
},
{
"name": "CVE-2023-1916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1916"
},
{
"name": "CVE-2021-20309",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20309"
},
{
"name": "CVE-2022-29217",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29217"
},
{
"name": "CVE-2024-0397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0397"
},
{
"name": "CVE-2022-30634",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30634"
},
{
"name": "CVE-2023-38472",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38472"
},
{
"name": "CVE-2024-56826",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56826"
},
{
"name": "CVE-2017-12643",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12643"
},
{
"name": "CVE-2024-57953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57953"
},
{
"name": "CVE-2020-14583",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14583"
},
{
"name": "CVE-2025-24294",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24294"
},
{
"name": "CVE-2023-48232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48232"
},
{
"name": "CVE-2021-26720",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26720"
},
{
"name": "CVE-2025-54801",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54801"
},
{
"name": "CVE-2025-40909",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40909"
},
{
"name": "CVE-2025-53054",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53054"
},
{
"name": "CVE-2025-21878",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21878"
},
{
"name": "CVE-2023-24756",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24756"
},
{
"name": "CVE-2017-3607",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3607"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2022-2520",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2520"
},
{
"name": "CVE-2022-21340",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21340"
},
{
"name": "CVE-2024-47874",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47874"
},
{
"name": "CVE-2025-21670",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21670"
},
{
"name": "CVE-2025-9403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9403"
},
{
"name": "CVE-2023-1255",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1255"
},
{
"name": "CVE-2025-21739",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21739"
},
{
"name": "CVE-2016-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4074"
},
{
"name": "CVE-2024-0746",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0746"
},
{
"name": "CVE-2025-21775",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21775"
},
{
"name": "CVE-2024-12254",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12254"
},
{
"name": "CVE-2025-21846",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21846"
},
{
"name": "CVE-2022-33099",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-33099"
},
{
"name": "CVE-2023-45931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45931"
},
{
"name": "CVE-2025-8114",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8114"
},
{
"name": "CVE-2025-38400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38400"
},
{
"name": "CVE-2023-6004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6004"
},
{
"name": "CVE-2025-32387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32387"
},
{
"name": "CVE-2024-26775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26775"
},
{
"name": "CVE-2022-25309",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25309"
},
{
"name": "CVE-2025-4516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4516"
},
{
"name": "CVE-2025-38136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38136"
},
{
"name": "CVE-2024-38808",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38808"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2024-12747",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12747"
},
{
"name": "CVE-2022-3358",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3358"
},
{
"name": "CVE-2023-41175",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41175"
},
{
"name": "CVE-2023-48234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48234"
},
{
"name": "CVE-2025-55212",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55212"
},
{
"name": "CVE-2022-36087",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36087"
},
{
"name": "CVE-2022-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32547"
},
{
"name": "CVE-2025-6021",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6021"
},
{
"name": "CVE-2022-0351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0351"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2022-21293",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21293"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-26280",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26280"
},
{
"name": "CVE-2025-37752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37752"
},
{
"name": "CVE-2025-55668",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55668"
},
{
"name": "CVE-2023-7008",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7008"
},
{
"name": "CVE-2022-1354",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1354"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2025-21873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21873"
},
{
"name": "CVE-2024-4603",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4603"
},
{
"name": "CVE-2025-38048",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38048"
},
{
"name": "CVE-2019-13147",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13147"
},
{
"name": "CVE-2025-50104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50104"
},
{
"name": "CVE-2025-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25193"
},
{
"name": "CVE-2020-2800",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2800"
},
{
"name": "CVE-2024-8096",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8096"
},
{
"name": "CVE-2018-11655",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11655"
},
{
"name": "CVE-2022-4415",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4415"
},
{
"name": "CVE-2022-2928",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2928"
},
{
"name": "CVE-2025-21765",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21765"
},
{
"name": "CVE-2023-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3576"
},
{
"name": "CVE-2025-38477",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38477"
},
{
"name": "CVE-2023-4806",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4806"
},
{
"name": "CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"name": "CVE-2025-57803",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57803"
},
{
"name": "CVE-2023-46246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46246"
},
{
"name": "CVE-2025-21782",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21782"
},
{
"name": "CVE-2023-31437",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31437"
},
{
"name": "CVE-2023-47039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47039"
},
{
"name": "CVE-2025-30722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30722"
},
{
"name": "CVE-2024-43802",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43802"
},
{
"name": "CVE-2025-38177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38177"
},
{
"name": "CVE-2016-2781",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2781"
},
{
"name": "CVE-2023-31484",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31484"
},
{
"name": "CVE-2024-56827",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56827"
},
{
"name": "CVE-2023-29383",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29383"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2023-37769",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37769"
},
{
"name": "CVE-2025-21926",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21926"
},
{
"name": "CVE-2022-21282",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21282"
},
{
"name": "CVE-2022-21349",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21349"
},
{
"name": "CVE-2020-29511",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29511"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2015-7697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7697"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-21742",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21742"
},
{
"name": "CVE-2025-30687",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30687"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-43243",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43243"
},
{
"name": "CVE-2024-58002",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58002"
},
{
"name": "CVE-2017-16231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16231"
},
{
"name": "CVE-2025-38406",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38406"
},
{
"name": "CVE-2025-50101",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50101"
},
{
"name": "CVE-2025-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21930"
},
{
"name": "CVE-2021-35942",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35942"
},
{
"name": "CVE-2025-46701",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46701"
},
{
"name": "CVE-2025-38001",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38001"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-5702",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5702"
},
{
"name": "CVE-2025-21870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21870"
},
{
"name": "CVE-2017-9409",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9409"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2018-1000077",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077"
},
{
"name": "CVE-2025-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21892"
},
{
"name": "CVE-2024-58052",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58052"
},
{
"name": "CVE-2025-21944",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21944"
},
{
"name": "CVE-2025-21905",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21905"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2016-0689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0689"
},
{
"name": "CVE-2025-38352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38352"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2024-54456",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54456"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-21920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21920"
},
{
"name": "CVE-2025-55554",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55554"
},
{
"name": "CVE-2024-43168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43168"
},
{
"name": "CVE-2014-8140",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8140"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-22016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22016"
},
{
"name": "CVE-2025-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4207"
},
{
"name": "CVE-2021-45346",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45346"
},
{
"name": "CVE-2025-37756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37756"
},
{
"name": "CVE-2022-0908",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0908"
},
{
"name": "CVE-2025-38263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38263"
},
{
"name": "CVE-2025-21667",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21667"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2024-46901",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-46901"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2025-21955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21955"
},
{
"name": "CVE-2025-8677",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8677"
},
{
"name": "CVE-2025-21773",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21773"
},
{
"name": "CVE-2025-53040",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53040"
},
{
"name": "CVE-2025-38218",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38218"
},
{
"name": "CVE-2023-45287",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45287"
},
{
"name": "CVE-2025-53906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53906"
},
{
"name": "CVE-2025-27789",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27789"
},
{
"name": "CVE-2025-1352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1352"
},
{
"name": "CVE-2024-43167",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43167"
},
{
"name": "CVE-2021-28861",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28861"
},
{
"name": "CVE-2024-4741",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4741"
},
{
"name": "CVE-2022-21248",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21248"
},
{
"name": "CVE-2021-33574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33574"
},
{
"name": "CVE-2018-1000035",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000035"
},
{
"name": "CVE-2021-40211",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40211"
},
{
"name": "CVE-2025-48924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48924"
},
{
"name": "CVE-2024-58001",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58001"
},
{
"name": "CVE-2025-38393",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38393"
},
{
"name": "CVE-2024-26256",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26256"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2019-18276",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-18276"
},
{
"name": "CVE-2025-38618",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38618"
},
{
"name": "CVE-2021-3326",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3326"
},
{
"name": "CVE-2023-2283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2283"
},
{
"name": "CVE-2020-0499",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0499"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-21724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21724"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-3136",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3136"
},
{
"name": "CVE-2025-55160",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55160"
},
{
"name": "CVE-2025-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21891"
},
{
"name": "CVE-2025-38249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38249"
},
{
"name": "CVE-2023-40403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40403"
},
{
"name": "CVE-2025-22013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22013"
},
{
"name": "CVE-2024-50157",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50157"
},
{
"name": "CVE-2022-48703",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48703"
},
{
"name": "CVE-2025-38154",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38154"
},
{
"name": "CVE-2022-1674",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1674"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2025-21858",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21858"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2022-30699",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30699"
},
{
"name": "CVE-2025-21672",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21672"
},
{
"name": "CVE-2025-38389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38389"
},
{
"name": "CVE-2025-38448",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38448"
},
{
"name": "CVE-2022-48281",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48281"
},
{
"name": "CVE-2023-2426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2426"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2025-30704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30704"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2024-57949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57949"
},
{
"name": "CVE-2025-1632",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1632"
},
{
"name": "CVE-2021-20176",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20176"
},
{
"name": "CVE-2025-21979",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21979"
},
{
"name": "CVE-2022-3278",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3278"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2025-21821",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21821"
},
{
"name": "CVE-2022-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28321"
},
{
"name": "CVE-2025-55298",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55298"
},
{
"name": "CVE-2022-43241",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43241"
},
{
"name": "CVE-2017-3606",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3606"
},
{
"name": "CVE-2023-52969",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52969"
},
{
"name": "CVE-2018-1000073",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073"
},
{
"name": "CVE-2025-38052",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38052"
},
{
"name": "CVE-2025-38377",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38377"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2025-21733",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21733"
},
{
"name": "CVE-2023-22656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22656"
},
{
"name": "CVE-2025-46551",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-46551"
},
{
"name": "CVE-2025-43965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-43965"
},
{
"name": "CVE-2022-40090",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40090"
},
{
"name": "CVE-2021-36408",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36408"
},
{
"name": "CVE-2023-24329",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24329"
},
{
"name": "CVE-2025-21963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21963"
},
{
"name": "CVE-2025-53045",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53045"
},
{
"name": "CVE-2023-39327",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39327"
},
{
"name": "CVE-2017-18253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18253"
},
{
"name": "CVE-2024-12243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12243"
},
{
"name": "CVE-2024-26462",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26462"
},
{
"name": "CVE-2024-58053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58053"
},
{
"name": "CVE-2025-38516",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38516"
},
{
"name": "CVE-2025-30693",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30693"
},
{
"name": "CVE-2025-38462",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38462"
},
{
"name": "CVE-2025-38350",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38350"
},
{
"name": "CVE-2025-38428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38428"
},
{
"name": "CVE-2025-27363",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27363"
},
{
"name": "CVE-2018-13410",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-13410"
},
{
"name": "CVE-2025-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2099"
},
{
"name": "CVE-2025-38262",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38262"
},
{
"name": "CVE-2025-6638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6638"
},
{
"name": "CVE-2025-21585",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21585"
},
{
"name": "CVE-2023-24531",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24531"
},
{
"name": "CVE-2025-38138",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38138"
},
{
"name": "CVE-2021-3610",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3610"
},
{
"name": "CVE-2024-58077",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58077"
},
{
"name": "CVE-2025-5283",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5283"
},
{
"name": "CVE-2025-21754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21754"
},
{
"name": "CVE-2024-12088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12088"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2025-38035",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38035"
},
{
"name": "CVE-2023-2975",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2975"
},
{
"name": "CVE-2025-37997",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37997"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2021-44717",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44717"
},
{
"name": "CVE-2025-2312",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2312"
},
{
"name": "CVE-2025-0395",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0395"
},
{
"name": "CVE-2025-53506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53506"
},
{
"name": "CVE-2025-21960",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21960"
},
{
"name": "CVE-2025-38310",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38310"
},
{
"name": "CVE-2025-23084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23084"
},
{
"name": "CVE-2015-4786",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4786"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2025-37963",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37963"
},
{
"name": "CVE-2022-43250",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43250"
},
{
"name": "CVE-2022-40304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40304"
},
{
"name": "CVE-2025-38226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38226"
},
{
"name": "CVE-2025-4947",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4947"
},
{
"name": "CVE-2023-4911",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4911"
},
{
"name": "CVE-2022-29804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29804"
},
{
"name": "CVE-2023-38473",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38473"
},
{
"name": "CVE-2025-38443",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38443"
},
{
"name": "CVE-2025-0725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0725"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2025-52099",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52099"
},
{
"name": "CVE-2023-43887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43887"
},
{
"name": "CVE-2025-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21967"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2025-1094",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-1094"
},
{
"name": "CVE-2021-24032",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-24032"
},
{
"name": "CVE-2025-38439",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38439"
},
{
"name": "CVE-2022-1434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1434"
},
{
"name": "CVE-2025-41254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41254"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2020-2757",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2757"
},
{
"name": "CVE-2025-53864",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53864"
},
{
"name": "CVE-2025-38145",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38145"
},
{
"name": "CVE-2022-2598",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2598"
},
{
"name": "CVE-2020-27829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27829"
},
{
"name": "CVE-2024-4032",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4032"
},
{
"name": "CVE-2025-37948",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37948"
},
{
"name": "CVE-2021-27645",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27645"
},
{
"name": "CVE-2025-21863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21863"
},
{
"name": "CVE-2025-21856",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21856"
},
{
"name": "CVE-2025-53053",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53053"
},
{
"name": "CVE-2022-2509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2509"
},
{
"name": "CVE-2024-28835",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28835"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2025-21749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21749"
},
{
"name": "CVE-2017-6839",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6839"
},
{
"name": "CVE-2023-1906",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1906"
},
{
"name": "CVE-2025-40025",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40025"
},
{
"name": "CVE-2025-38051",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38051"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2025-49796",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49796"
},
{
"name": "CVE-2022-34526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34526"
},
{
"name": "CVE-2025-8058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8058"
},
{
"name": "CVE-2023-47471",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47471"
},
{
"name": "CVE-2022-2868",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2868"
},
{
"name": "CVE-2022-1771",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1771"
},
{
"name": "CVE-2025-21945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21945"
},
{
"name": "CVE-2021-32492",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32492"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2025-55005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55005"
},
{
"name": "CVE-2025-32955",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32955"
},
{
"name": "CVE-2025-8732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8732"
},
{
"name": "CVE-2025-38044",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38044"
},
{
"name": "CVE-2022-1586",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1586"
},
{
"name": "CVE-2023-39326",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39326"
},
{
"name": "CVE-2024-52616",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52616"
},
{
"name": "CVE-2025-38498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38498"
},
{
"name": "CVE-2025-40015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40015"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2025-21673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21673"
},
{
"name": "CVE-2025-21829",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21829"
},
{
"name": "CVE-2025-21502",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21502"
},
{
"name": "CVE-2024-57999",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57999"
},
{
"name": "CVE-2018-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16645"
},
{
"name": "CVE-2025-22008",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22008"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2025-21969",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21969"
},
{
"name": "CVE-2025-38200",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38200"
},
{
"name": "CVE-2025-40007",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40007"
},
{
"name": "CVE-2024-58072",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58072"
},
{
"name": "CVE-2025-38273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38273"
},
{
"name": "CVE-2025-38346",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38346"
},
{
"name": "CVE-2025-55315",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55315"
},
{
"name": "CVE-2018-11813",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11813"
},
{
"name": "CVE-2025-21722",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21722"
},
{
"name": "CVE-2024-50379",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50379"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2025-21793",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21793"
},
{
"name": "CVE-2022-2719",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2719"
},
{
"name": "CVE-2025-21581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21581"
},
{
"name": "CVE-2022-45873",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45873"
},
{
"name": "CVE-2023-34151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34151"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2021-43809",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43809"
},
{
"name": "CVE-2025-5914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5914"
},
{
"name": "CVE-2015-1606",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1606"
},
{
"name": "CVE-2025-21894",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21894"
},
{
"name": "CVE-2025-21919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21919"
},
{
"name": "CVE-2023-3896",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3896"
},
{
"name": "CVE-2023-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2908"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2025-58754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58754"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2025-21854",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21854"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2023-31486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31486"
},
{
"name": "CVE-2020-21599",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21599"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-21210",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21210"
},
{
"name": "CVE-2013-0340",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0340"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2025-21759",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21759"
},
{
"name": "CVE-2023-32611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32611"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2024-2511",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2511"
},
{
"name": "CVE-2015-20107",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-20107"
},
{
"name": "CVE-2023-39978",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39978"
},
{
"name": "CVE-2024-34397",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34397"
},
{
"name": "CVE-2025-38320",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38320"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"name": "CVE-2025-8177",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8177"
},
{
"name": "CVE-2025-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21968"
},
{
"name": "CVE-2024-58083",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58083"
},
{
"name": "CVE-2021-20311",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20311"
},
{
"name": "CVE-2024-58055",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58055"
},
{
"name": "CVE-2025-21991",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21991"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2020-27618",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27618"
},
{
"name": "CVE-2024-57993",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57993"
},
{
"name": "CVE-2025-21887",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21887"
},
{
"name": "CVE-2023-6246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6246"
},
{
"name": "CVE-2021-20241",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20241"
},
{
"name": "CVE-2017-12674",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12674"
},
{
"name": "CVE-2023-0800",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0800"
},
{
"name": "CVE-2025-62171",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62171"
},
{
"name": "CVE-2025-38280",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38280"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2018-1000078",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078"
},
{
"name": "CVE-2020-2756",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2756"
},
{
"name": "CVE-2025-50950",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50950"
},
{
"name": "CVE-2020-21605",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-21605"
},
{
"name": "CVE-2024-54534",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-54534"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2025-38084",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38084"
},
{
"name": "CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"name": "CVE-2022-23219",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23219"
},
{
"name": "CVE-2017-1000476",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000476"
},
{
"name": "CVE-2015-2640",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2640"
},
{
"name": "CVE-2025-30685",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30685"
},
{
"name": "CVE-2024-41123",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41123"
},
{
"name": "CVE-2025-6921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6921"
},
{
"name": "CVE-2015-8863",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8863"
},
{
"name": "CVE-2022-21619",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21619"
},
{
"name": "CVE-2025-30695",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30695"
},
{
"name": "CVE-2025-30688",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30688"
},
{
"name": "CVE-2023-5752",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5752"
},
{
"name": "CVE-2018-11656",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11656"
},
{
"name": "CVE-2025-38103",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38103"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2021-25217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25217"
},
{
"name": "CVE-2025-38514",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38514"
},
{
"name": "CVE-2018-19876",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19876"
},
{
"name": "CVE-2025-61780",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61780"
},
{
"name": "CVE-2021-20310",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20310"
},
{
"name": "CVE-2021-20245",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20245"
},
{
"name": "CVE-2021-35561",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35561"
},
{
"name": "CVE-2025-21732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21732"
},
{
"name": "CVE-2025-38569",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38569"
},
{
"name": "CVE-2022-21476",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21476"
},
{
"name": "CVE-2023-22796",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22796"
},
{
"name": "CVE-2025-21875",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21875"
},
{
"name": "CVE-2023-0361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0361"
},
{
"name": "CVE-2025-38204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38204"
},
{
"name": "CVE-2021-40812",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-40812"
},
{
"name": "CVE-2021-4217",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4217"
},
{
"name": "CVE-2023-32643",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32643"
},
{
"name": "CVE-2023-27537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27537"
},
{
"name": "CVE-2025-22015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22015"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2025-21962",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21962"
},
{
"name": "CVE-2025-29786",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-29786"
},
{
"name": "CVE-2025-21832",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21832"
},
{
"name": "CVE-2024-12133",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12133"
},
{
"name": "CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"name": "CVE-2022-27780",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27780"
},
{
"name": "CVE-2018-9135",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9135"
},
{
"name": "CVE-2025-38410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38410"
},
{
"name": "CVE-2025-21790",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21790"
},
{
"name": "CVE-2024-52316",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52316"
},
{
"name": "CVE-2024-21217",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21217"
},
{
"name": "CVE-2021-39212",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39212"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2024-58014",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58014"
},
{
"name": "CVE-2025-21680",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21680"
},
{
"name": "CVE-2025-0167",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0167"
},
{
"name": "CVE-2017-12433",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12433"
},
{
"name": "CVE-2025-21924",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21924"
},
{
"name": "CVE-2021-3574",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3574"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21541"
},
{
"name": "CVE-2025-22227",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22227"
},
{
"name": "CVE-2025-47273",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47273"
},
{
"name": "CVE-2025-27221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27221"
},
{
"name": "CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"name": "CVE-2024-58006",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58006"
},
{
"name": "CVE-2025-21710",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21710"
},
{
"name": "CVE-2022-21360",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21360"
},
{
"name": "CVE-2025-22088",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22088"
},
{
"name": "CVE-2025-38460",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38460"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-25858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25858"
},
{
"name": "CVE-2022-21296",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21296"
},
{
"name": "CVE-2022-48303",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48303"
},
{
"name": "CVE-2025-38345",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38345"
},
{
"name": "CVE-2022-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21540"
},
{
"name": "CVE-2025-21815",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21815"
},
{
"name": "CVE-2025-50083",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50083"
},
{
"name": "CVE-2024-37371",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37371"
},
{
"name": "CVE-2017-6836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6836"
},
{
"name": "CVE-2021-3500",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3500"
},
{
"name": "CVE-2022-25310",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25310"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2021-20251",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20251"
},
{
"name": "CVE-2025-21669",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21669"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2021-33621",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33621"
},
{
"name": "CVE-2025-57807",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-57807"
},
{
"name": "CVE-2025-38231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38231"
},
{
"name": "CVE-2022-26488",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26488"
},
{
"name": "CVE-2025-21716",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21716"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"name": "CVE-2025-3777",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3777"
},
{
"name": "CVE-2025-21964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21964"
},
{
"name": "CVE-2024-0567",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0567"
},
{
"name": "CVE-2018-18384",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18384"
},
{
"name": "CVE-2024-58080",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-58080"
},
{
"name": "CVE-2025-21744",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21744"
},
{
"name": "CVE-2024-21208",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21208"
},
{
"name": "CVE-2023-32665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32665"
},
{
"name": "CVE-2025-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31498"
},
{
"name": "CVE-2022-30698",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30698"
},
{
"name": "CVE-2023-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31438"
},
{
"name": "CVE-2024-57986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-57986"
},
{
"name": "CVE-2021-37750",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-37750"
},
{
"name": "CVE-2025-3576",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3576"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2021-20244",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20244"
},
{
"name": "CVE-2025-38181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38181"
},
{
"name": "CVE-2025-21835",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21835"
},
{
"name": "CVE-2025-38391",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38391"
},
{
"name": "CVE-2025-11411",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11411"
},
{
"name": "CVE-2020-14577",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14577"
},
{
"name": "CVE-2022-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3570"
},
{
"name": "CVE-2016-9844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9844"
},
{
"name": "CVE-2019-13136",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13136"
},
{
"name": "CVE-2025-49014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-49014"
},
{
"name": "CVE-2021-36222",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36222"
},
{
"name": "CVE-2021-3941",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3941"
},
{
"name": "CVE-2022-0561",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0561"
},
{
"name": "CVE-2024-6923",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6923"
},
{
"name": "CVE-2025-21811",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21811"
},
{
"name": "CVE-2024-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8088"
},
{
"name": "CVE-2025-48734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48734"
},
{
"name": "CVE-2025-11226",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11226"
}
],
"initial_release_date": "2025-11-06T00:00:00",
"last_revision_date": "2025-11-06T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0969",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36320",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36320"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36423",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36423"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36364"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36351"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36424",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36424"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36412",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36412"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36388",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36388"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36426",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36426"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36411",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36411"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36357",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36357"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36408",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36408"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36349",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36349"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36414",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36414"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36397",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36397"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36389",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36389"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36398",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36398"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36380",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36380"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-41",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36407"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36362",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36362"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36413",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36413"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36384",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36384"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36379",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36379"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36400",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36400"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36377",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36377"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36368",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36368"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36418",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36418"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36420",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36420"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36391",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36391"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36392",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36392"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36353",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36353"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-14",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36356"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36422",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36422"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36381",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36381"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36421",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36421"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36416",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36416"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-86",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36415"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36403",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36403"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36347",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36347"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36383",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36383"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36410",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36410"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36352",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36352"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36394",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36394"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36354",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36354"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36399",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36399"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36350"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36419",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36419"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-85",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36401"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2022-19",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36365"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36405",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36405"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36367"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36395",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36395"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36387",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36387"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36363",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36363"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36385",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36385"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36409",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36409"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36359"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36348",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36348"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36386",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36386"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36417",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36417"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36425",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36425"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2018-27",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36366"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36360"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36355",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36355"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2025-53",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36358"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36396",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36396"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36378",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36378"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36382",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36382"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36404",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36404"
},
{
"published_at": "2025-11-05",
"title": "Bulletin de s\u00e9curit\u00e9 VMware DSA-2024-44",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36361"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36402",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36402"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36393",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36393"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36406",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36406"
},
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36390",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36390"
}
]
}
NCSC-2025-0330
Vulnerability from csaf_ncscnl - Published: 2025-10-23 13:20 - Updated: 2025-10-23 13:20Summary
Kwetsbaarheden verholpen in Oracle Communications producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communications producten, waaronder de Unified Assurance en Cloud Native Core.
Interpretaties
De kwetsbaarheden in de Oracle Communications producten stellen kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, wat kan leiden tot gedeeltelijke of volledige Denial-of-Service (DoS) aanvallen. Specifiek kunnen aanvallers met netwerktoegang de systemen compromitteren, wat resulteert in ongeautoriseerde toegang tot gevoelige gegevens. De CVSS-scores van deze kwetsbaarheden variëren van 3.1 tot 9.8, wat wijst op een breed scala aan risico's, van beperkte tot ernstige impact op de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden in zijn Communications producten te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-23
Relative Path Traversal
CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-121
Stack-based Buffer Overflow
CWE-122
Heap-based Buffer Overflow
CWE-124
Buffer Underwrite ('Buffer Underflow')
CWE-125
Out-of-bounds Read
CWE-129
Improper Validation of Array Index
CWE-130
Improper Handling of Length Parameter Inconsistency
CWE-147
Improper Neutralization of Input Terminators
CWE-190
Integer Overflow or Wraparound
CWE-197
Numeric Truncation Error
CWE-241
Improper Handling of Unexpected Data Type
CWE-252
Unchecked Return Value
CWE-253
Incorrect Check of Function Return Value
CWE-284
Improper Access Control
CWE-287
Improper Authentication
CWE-290
Authentication Bypass by Spoofing
CWE-328
Use of Weak Hash
CWE-385
Covert Timing Channel
CWE-390
Detection of Error Condition Without Action
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-407
Inefficient Algorithmic Complexity
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
CWE-415
Double Free
CWE-416
Use After Free
CWE-426
Untrusted Search Path
CWE-440
Expected Behavior Violation
CWE-444
Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-476
NULL Pointer Dereference
CWE-674
Uncontrolled Recursion
CWE-697
Incorrect Comparison
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-787
Out-of-bounds Write
CWE-789
Memory Allocation with Excessive Size Value
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE-918
Server-Side Request Forgery (SSRF)
CWE-937
CWE-937
CWE-1035
CWE-1035
CWE-1284
Improper Validation of Specified Quantity in Input
CWE-1333
Inefficient Regular Expression Complexity
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft meerdere kwetsbaarheden verholpen in zijn Communications producten, waaronder de Unified Assurance en Cloud Native Core.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in de Oracle Communications producten stellen kwaadwillenden in staat om ongeautoriseerde toegang te verkrijgen, wat kan leiden tot gedeeltelijke of volledige Denial-of-Service (DoS) aanvallen. Specifiek kunnen aanvallers met netwerktoegang de systemen compromitteren, wat resulteert in ongeautoriseerde toegang tot gevoelige gegevens. De CVSS-scores van deze kwetsbaarheden vari\u00ebren van 3.1 tot 9.8, wat wijst op een breed scala aan risico\u0027s, van beperkte tot ernstige impact op de vertrouwelijkheid, integriteit en beschikbaarheid van de systemen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden in zijn Communications producten te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
},
{
"category": "general",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "general",
"text": "Improper Neutralization of Input Terminators",
"title": "CWE-147"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "general",
"text": "Improper Handling of Unexpected Data Type",
"title": "CWE-241"
},
{
"category": "general",
"text": "Unchecked Return Value",
"title": "CWE-252"
},
{
"category": "general",
"text": "Incorrect Check of Function Return Value",
"title": "CWE-253"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
},
{
"category": "general",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "general",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "general",
"text": "Improper Handling of Highly Compressed Data (Data Amplification)",
"title": "CWE-409"
},
{
"category": "general",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "general",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "general",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "general",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Incorrect Comparison",
"title": "CWE-697"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Memory Allocation with Excessive Size Value",
"title": "CWE-789"
},
{
"category": "general",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "general",
"text": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
"title": "CWE-843"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "general",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
},
{
"category": "general",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Communications producten",
"tracking": {
"current_release_date": "2025-10-23T13:20:15.363063Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0330",
"initial_release_date": "2025-10-23T13:20:15.363063Z",
"revision_history": [
{
"date": "2025-10-23T13:20:15.363063Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Communications Cloud Native Core Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Management Cloud Engine"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Oracle Communications Billing and Revenue Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Oracle Communications Calendar Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Automated Test Suite"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Binding Support Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Certificate Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core DBTier"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Function Cloud Native Environment"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-10"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Repository Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-11"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Network Slice Selection Function"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-12"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Policy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-13"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Security Edge Protection Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-14"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Service Communication Proxy"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-15"
}
}
],
"category": "product_name",
"name": "Oracle Communications Cloud Native Core Unified Data Repository"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-16"
}
}
],
"category": "product_name",
"name": "Oracle Communications Converged Charging System"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-17"
}
}
],
"category": "product_name",
"name": "Oracle Communications Convergence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-18"
}
}
],
"category": "product_name",
"name": "Oracle Communications Convergent Charging Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-19"
}
}
],
"category": "product_name",
"name": "Oracle Communications Diameter Signaling Router"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-20"
}
}
],
"category": "product_name",
"name": "Oracle Communications EAGLE Element Management System"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-21"
}
}
],
"category": "product_name",
"name": "Oracle Communications EAGLE LNP Application Processor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-22"
}
}
],
"category": "product_name",
"name": "Oracle Communications LSMS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-23"
}
}
],
"category": "product_name",
"name": "Oracle Communications Messaging Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-24"
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Analytics Data Director"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-25"
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Charging and Control"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-26"
}
}
],
"category": "product_name",
"name": "Oracle Communications Network Integrity"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-27"
}
}
],
"category": "product_name",
"name": "Oracle Communications Offline Mediation Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-28"
}
}
],
"category": "product_name",
"name": "Oracle Communications Operations Monitor"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-29"
}
}
],
"category": "product_name",
"name": "Oracle Communications Order and Service Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-30"
}
}
],
"category": "product_name",
"name": "Oracle Communications Pricing Design Center"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-31"
}
}
],
"category": "product_name",
"name": "Oracle Communications Service Catalog and Design"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-32"
}
}
],
"category": "product_name",
"name": "Oracle Communications Session Border Controller"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-33"
}
}
],
"category": "product_name",
"name": "Oracle Communications Unified Assurance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-34"
}
}
],
"category": "product_name",
"name": "Oracle Communications Unified Inventory Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-35"
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Communications Broker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-36"
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Operations Monitor"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-26555",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "description",
"text": "Recent updates address vulnerabilities in NTP 4.2.8p17 and Oracle products, including CVE-2023-26555 related to malformed RT-11 dates and various security issues in Oracle Communications and Database systems.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-26555 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2023/cve-2023-26555.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2023-26555"
},
{
"cve": "CVE-2024-7254",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Multiple vulnerabilities across various Oracle, IBM, and Protobuf products could lead to Denial of Service and unauthorized access, with significant risks identified in versions of Oracle Communications, MySQL Connector/J, and IBM WebSphere.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-7254 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-7254.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-7254"
},
{
"cve": "CVE-2024-8006",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle Communications products and the libpcap library allow high-privileged attackers to cause denial of service and NULL pointer dereference issues, with CVSS scores of 4.4 for the former.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8006 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-8006.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-8006"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Algorithmic Complexity",
"title": "CWE-407"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Communications EAGLE LNP Application Processor, Oracle Communications Cloud Native Core Policy, and libtasn1 could lead to denial of service attacks, with CVSS scores of 5.3 for some products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-12133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-12133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-28182",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Detection of Error Condition Without Action",
"title": "CWE-390"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle MySQL, Oracle Communications, and nghttp2 products allow remote attackers to exploit confidentiality, integrity, and availability, with varying damage ratings from medium to high.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28182 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28182.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-28182"
},
{
"cve": "CVE-2024-35164",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Array Index",
"title": "CWE-129"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Unified Assurance and Apache Guacamole could allow high-privileged attackers to compromise systems and execute arbitrary code, respectively.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-35164 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-35164.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-35164"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Length Parameter Inconsistency",
"title": "CWE-130"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle products, including Communications and MySQL, as well as MIT Kerberos 5, allow for unauthorized access, denial of service, and other malicious activities, with CVSS scores reaching 9.1.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37371 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-37371.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Middleware, Documaker, and Apache Commons IO components allow unauthenticated attackers to exploit denial of service risks, with CVSS scores ranging from 4.3 to 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-50609",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "description",
"text": "Fluent Bit 3.1.9 has a vulnerability allowing remote Denial of Service attacks via a zero-length packet, while Oracle Communications Unified Assurance versions 6.1.0-6.1.1 can be exploited by high-privileged attackers for complete Denial of Service.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-50609 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-50609.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-50609"
},
{
"cve": "CVE-2024-51504",
"cwe": {
"id": "CWE-290",
"name": "Authentication Bypass by Spoofing"
},
"notes": [
{
"category": "other",
"text": "Authentication Bypass by Spoofing",
"title": "CWE-290"
},
{
"category": "description",
"text": "Recent vulnerabilities in Apache ZooKeeper and Oracle Communications Unified Assurance expose systems to authentication bypass and unauthorized access, allowing attackers to execute commands and access critical data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-51504 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-51504.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-51504"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Multiple security vulnerabilities across various Oracle products and the Netplex Json-smart library can lead to Denial of Service (DoS) due to stack exhaustion and other exploits, affecting versions 2.5.0 to 2.5.1 and specific Oracle software.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-1948",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Eclipse Jetty versions 12.0.0 to 12.0.16 are vulnerable to OutOfMemoryError and denial of service attacks due to improper validation of the SETTINGS_MAX_HEADER_LIST_SIZE parameter, affecting various products including Oracle Communications EAGLE and NetApp.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-1948 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-1948.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-1948"
},
{
"cve": "CVE-2025-3576",
"cwe": {
"id": "CWE-328",
"name": "Use of Weak Hash"
},
"notes": [
{
"category": "other",
"text": "Use of Weak Hash",
"title": "CWE-328"
},
{
"category": "description",
"text": "Recent vulnerabilities in krb5 and MIT Kerberos implementations allow for message spoofing via MD5 checksum weaknesses, while Oracle Communications Network Analytics Data Director is susceptible to unauthorized data manipulation through SSH access.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-3576 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-3576.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-3576"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "other",
"text": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
"title": "CWE-124"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core and glib2 involve unauthorized access risks and buffer overflow issues, affecting multiple products with varying severity levels.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4373 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4373.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L/E:U",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4517",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "description",
"text": "Recent updates to Python versions 3.6 through 3.13.5 address multiple security vulnerabilities, particularly in the tarfile module, while enhancing various functionalities and resolving issues related to memory management and IPv6 handling.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4517 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4517.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-4517"
},
{
"cve": "CVE-2025-4802",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"notes": [
{
"category": "other",
"text": "Untrusted Search Path",
"title": "CWE-426"
},
{
"category": "description",
"text": "Vulnerabilities in Oracle Communications Cloud Native Core and glibc allow unauthenticated access and privilege escalation, with CVSS scores of 7.8, affecting confidentiality, integrity, and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-4802 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-4802.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-4802"
},
{
"cve": "CVE-2025-5115",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "The \u0027MadeYouReset\u0027 vulnerability in HTTP/2 affects certain Jetty versions, allowing denial of service through malformed control frames, while additional vulnerabilities exist in Oracle Communications and SAP Commerce Cloud.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-5318",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle MySQL Workbench and the libssh library expose sensitive data and allow unauthorized access, with CVSS scores indicating moderate severity.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5318 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5318.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5318"
},
{
"cve": "CVE-2025-5399",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "other",
"text": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"title": "CWE-835"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle MySQL Server and Cluster, along with libcurl\u0027s WebSocket code, allow for various denial of service attacks, with CVSS scores ranging from 4.3 to 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5399 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5399.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5399"
},
{
"cve": "CVE-2025-5889",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"notes": [
{
"category": "other",
"text": "Inefficient Regular Expression Complexity",
"title": "CWE-1333"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "The juliangruber brace-expansion library has a vulnerability in versions up to 4.0.0 affecting the expand function, while Oracle Communications Unified Assurance versions 6.1.0-6.1.1 are susceptible to a partial denial of service by low-privileged attackers.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5889 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5889.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-5889"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "other",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "description",
"text": "Critical vulnerabilities in Oracle Communications Cloud Native Core and SQLite versions prior to 3.50.2 expose systems to severe risks, including memory corruption and integer truncation issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6965 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-7339",
"cwe": {
"id": "CWE-241",
"name": "Improper Handling of Unexpected Data Type"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Unexpected Data Type",
"title": "CWE-241"
},
{
"category": "description",
"text": "Oracle Communications Unified Assurance has a vulnerability allowing unauthorized data access, while the on-headers middleware for Node.js has a bug affecting response header modifications in versions prior to 1.1.0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7339 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7339.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-7339"
},
{
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "other",
"text": "Use After Free",
"title": "CWE-416"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core and libxslt expose systems to unauthorized access and memory corruption, with significant impacts on integrity and availability.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7425 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7425.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2025-7962",
"cwe": {
"id": "CWE-147",
"name": "Improper Neutralization of Input Terminators"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input Terminators",
"title": "CWE-147"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core Console and Jakarta Mail versions 2.0.2 and 2.2 expose systems to significant risks, including unauthorized access and SMTP Injection attacks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-7962 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-7962.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-7962"
},
{
"cve": "CVE-2025-8058",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "other",
"text": "Double Free",
"title": "CWE-415"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Enterprise Operations Monitor and GNU C library versions 2.4 to 2.41 expose systems to potential unauthorized access, memory corruption, and denial of service risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-8058 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8058.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-8058"
},
{
"cve": "CVE-2025-8916",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Bouncy Castle for Java and BCPKIX FIPS have a vulnerability allowing excessive resource allocation, while Oracle Communications Cloud Native Core Certificate Management and certain NetApp products face denial of service risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/S:P/R:U/RE:M/U:Amber",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-8916 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-8916.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-8916"
},
{
"cve": "CVE-2025-9086",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "The curl update 8.14.1 addresses security vulnerabilities, including out-of-bounds reads, proxy cache poisoning, and a bug allowing insecure sites to override secure cookies, alongside a denial of service vulnerability in Oracle Communications Unified Inventory Management.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-9086 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-9086.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-9086"
},
{
"cve": "CVE-2025-25724",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "other",
"text": "Unchecked Return Value",
"title": "CWE-252"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Communications Network Analytics Data Director and the libarchive component, affecting system integrity and availability, with CVSS scores indicating significant risks.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25724 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-25724.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-25724"
},
{
"cve": "CVE-2025-27210",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "description",
"text": "Node.js versions 20.x, 22.x, and 24.x have an incomplete fix for CVE-2025-23084 affecting Windows device names and the `path.join` API, while Oracle Communications\u0027 Cloud Native Environment has a non-exploitable Security-in-Depth issue.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27210 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27210.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27210"
},
{
"cve": "CVE-2025-27533",
"cwe": {
"id": "CWE-789",
"name": "Memory Allocation with Excessive Size Value"
},
"notes": [
{
"category": "other",
"text": "Memory Allocation with Excessive Size Value",
"title": "CWE-789"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Apache ActiveMQ and Oracle products allow for denial of service attacks due to improper validation and excessive memory allocation, affecting various versions and configurations.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:M/U:Red",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27533 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27533.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27533"
},
{
"cve": "CVE-2025-27553",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Middleware and Apache Commons VFS expose critical data and allow unauthorized file access, with significant risks associated with their exploitation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27553 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27587",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"notes": [
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "description",
"text": "OpenSSL versions 3.0.0 to 3.3.2 on PowerPC are vulnerable to a Minerva attack, while Oracle Communications Cloud Native Core Certificate Management 25.1.200 has a critical data access vulnerability, and OpenSSL 3 has addressed timing side channel issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27587 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27587.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27587"
},
{
"cve": "CVE-2025-27817",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Apache Kafka and Oracle applications allow unauthorized access to sensitive data, with notable SSRF risks and CVSS scores of 7.5 for Oracle products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27817 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Java SE and libxml2, allowing for potential system compromise and denial of service, with CVSS scores of 7.5 for several issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32415 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-32728",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"notes": [
{
"category": "other",
"text": "Expected Behavior Violation",
"title": "CWE-440"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Oracle Enterprise Communications Broker, OpenSSH, and HP-UX Secure Shell daemon could lead to unauthorized data access and system compromise, with varying CVSS scores and exploitation potential.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32728 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32728.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-32728"
},
{
"cve": "CVE-2025-32990",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Unified Inventory Management and GnuTLS\u0027s certtool expose systems to denial-of-service and unauthorized data access, with significant integrity impacts and a CVSS score of 8.2 for Oracle\u0027s flaw.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32990 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32990.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-32990"
},
{
"cve": "CVE-2025-48734",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "Recent updates to Apache Commons BeanUtils address multiple vulnerabilities, including arbitrary code execution risks and unauthorized access to Java enum properties, affecting versions prior to 1.11.0 and 2.0.0-M2.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48734 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48734.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-48924",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebLogic Server and Apache Commons Lang versions expose systems to denial of service risks, including an uncontrolled recursion flaw leading to StackOverflowErrors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48924 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48924.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Application Testing Suite and Apache Commons FileUpload, including DoS risks due to insufficient multipart header limits, have been identified, with CVSS scores reaching 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability in HTTP/2, along with various enhancements to components like Catalina and Coyote.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49796",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Recent updates for libxml2 address multiple vulnerabilities, including heap use after free and type confusion, which could lead to denial of service or crashes, alongside an Oracle vulnerability allowing unauthorized data access.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-49796 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-49796.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-52999",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "description",
"text": "Oracle Communications Unified Assurance has a vulnerability allowing denial of service, while jackson-core versions prior to 2.15.0 can cause StackoverflowError with deeply nested data, now mitigated in version 2.15.0.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-52999 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-52999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-53547",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "description",
"text": "Helm v3.18.4 addresses a critical vulnerability allowing local code execution through crafted `Chart.yaml` and symlinked `Chart.lock` files during dependency updates, alongside an Oracle Communications flaw with a CVSS score of 8.6.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53547 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53547.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-53547"
},
{
"cve": "CVE-2025-53643",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Operations Monitor and aiohttp could allow unauthorized access and data manipulation, with significant integrity impacts and request smuggling risks in affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53643 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53643.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-53643"
},
{
"cve": "CVE-2025-53864",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle GoldenGate and Connect2id Nimbus JOSE + JWT expose systems to denial of service attacks, with CVSS scores indicating significant availability impacts due to issues with deeply nested JSON objects.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53864 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53864.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-53864"
},
{
"cve": "CVE-2025-54090",
"cwe": {
"id": "CWE-253",
"name": "Incorrect Check of Function Return Value"
},
"notes": [
{
"category": "other",
"text": "Incorrect Check of Function Return Value",
"title": "CWE-253"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Communications Cloud Native Core Automated Test Suite and Apache HTTP Server 2.4.64 expose systems to unauthorized data access and potential denial of service, with a CVSS score of 6.3 for the Oracle issue.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-54090 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-54090.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-54090"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent updates to Netty address critical vulnerabilities, including the \u0027MadeYouReset\u0027 DDoS attack in HTTP/2, which can lead to denial of service through resource exhaustion in various affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55163 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-57803",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "description",
"text": "ImageMagick has addressed critical vulnerabilities in its BMP encoder, including a 32-bit integer overflow leading to heap corruption and potential code execution, alongside other security enhancements.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-57803 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-57803.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-57803"
},
{
"cve": "CVE-2025-58057",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"notes": [
{
"category": "other",
"text": "Improper Handling of Highly Compressed Data (Data Amplification)",
"title": "CWE-409"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Multiple vulnerabilities in decompressing decoders, including `BrotliDecoder`, and components of Oracle and HPE products can lead to denial of service through excessive buffer allocation and malformed HTTP/2 frames.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-58057 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-58057.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-58057"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat (CVE-2025-59375) allows excessive memory allocations from crafted XML input, affecting versions prior to 2.7.2, while a Security-in-Depth issue exists in Oracle Database Server\u0027s Perl component but is not exploitable.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59375 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59375.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9",
"CSAFPID-10",
"CSAFPID-11",
"CSAFPID-12",
"CSAFPID-13",
"CSAFPID-14",
"CSAFPID-15",
"CSAFPID-16",
"CSAFPID-17",
"CSAFPID-18",
"CSAFPID-19",
"CSAFPID-20",
"CSAFPID-21",
"CSAFPID-22",
"CSAFPID-23",
"CSAFPID-24",
"CSAFPID-25",
"CSAFPID-26",
"CSAFPID-27",
"CSAFPID-28",
"CSAFPID-29",
"CSAFPID-30",
"CSAFPID-31",
"CSAFPID-32",
"CSAFPID-33",
"CSAFPID-34",
"CSAFPID-35",
"CSAFPID-36"
]
}
],
"title": "CVE-2025-59375"
}
]
}
NCSC-2025-0333
Vulnerability from csaf_ncscnl - Published: 2025-10-23 13:35 - Updated: 2025-10-23 13:35Summary
Kwetsbaarheden verholpen in Oracle Financial Services
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten
Oracle heeft kwetsbaarheden verholpen in Oracle Financial Services componenten.
Interpretaties
De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te krijgen tot gevoelige gegevens via HTTP. Dit kan leiden tot ongeoorloofde toegang en wijzigingen van kritieke data, met een CVSS-score van 9.8 die de significante impact op de vertrouwelijkheid benadrukt. Daarnaast zijn er kwetsbaarheden die kunnen leiden tot denial-of-service (DoS) aanvallen, wat de beschikbaarheid van het systeem in gevaar kan brengen.
Oplossingen
Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans
medium
Schade
high
CWE-20
Improper Input Validation
CWE-23
Relative Path Traversal
CWE-125
Out-of-bounds Read
CWE-197
Numeric Truncation Error
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE-284
Improper Access Control
CWE-285
Improper Authorization
CWE-306
Missing Authentication for Critical Function
CWE-400
Uncontrolled Resource Consumption
CWE-404
Improper Resource Shutdown or Release
CWE-611
Improper Restriction of XML External Entity Reference
CWE-674
Uncontrolled Recursion
CWE-770
Allocation of Resources Without Limits or Throttling
CWE-862
Missing Authorization
CWE-863
Incorrect Authorization
CWE-918
Server-Side Request Forgery (SSRF)
CWE-937
CWE-937
CWE-1035
CWE-1035
CWE-1284
Improper Validation of Specified Quantity in Input
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in Oracle Financial Services componenten.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde aanvallers in staat om ongeautoriseerde toegang te krijgen tot gevoelige gegevens via HTTP. Dit kan leiden tot ongeoorloofde toegang en wijzigingen van kritieke data, met een CVSS-score van 9.8 die de significante impact op de vertrouwelijkheid benadrukt. Daarnaast zijn er kwetsbaarheden die kunnen leiden tot denial-of-service (DoS) aanvallen, wat de beschikbaarheid van het systeem in gevaar kan brengen.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "general",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "general",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "general",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference",
"url": "https://www.oracle.com/security-alerts/cpuoct2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Financial Services",
"tracking": {
"current_release_date": "2025-10-23T13:35:32.902231Z",
"generator": {
"date": "2025-08-04T16:30:00Z",
"engine": {
"name": "V.A.",
"version": "1.3"
}
},
"id": "NCSC-2025-0333",
"initial_release_date": "2025-10-23T13:35:32.902231Z",
"revision_history": [
{
"date": "2025-10-23T13:35:32.902231Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-1"
}
}
],
"category": "product_name",
"name": "Financial Services Revenue Management And Billing"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-2"
}
}
],
"category": "product_name",
"name": "Oracle Banking Branch"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-3"
}
}
],
"category": "product_name",
"name": "Oracle Banking Corporate Lending Process Management"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-4"
}
}
],
"category": "product_name",
"name": "Oracle Banking Origination"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-5"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Analytical Applications Infrastructure"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-6"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Behavior Detection Platform"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-7"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Compliance Studio"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-8"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Model Management and Governance"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/*",
"product": {
"name": "vers:unknown/*",
"product_id": "CSAFPID-9"
}
}
],
"category": "product_name",
"name": "Oracle Financial Services Trade-Based Anti Money Laundering Enterprise Edition"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-11988",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Multiple vulnerabilities in Oracle Financial Services applications and Apache XmlGraphics Commons allow unauthorized access to critical data and server-side request forgery, all with a CVSS score of 8.2.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-11988 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2020/cve-2020-11988.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2020-11988"
},
{
"cve": "CVE-2024-28168",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"notes": [
{
"category": "other",
"text": "Improper Restriction of XML External Entity Reference",
"title": "CWE-611"
},
{
"category": "description",
"text": "Recent updates address multiple security vulnerabilities across various products, including XML External Entity (XXE) issues in Apache XML Graphics FOP and Oracle applications, allowing unauthorized access to sensitive data.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-28168 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2024/cve-2024-28168.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2024-28168"
},
{
"cve": "CVE-2025-5115",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "The \u0027MadeYouReset\u0027 vulnerability in HTTP/2 affects certain Jetty versions, allowing denial of service through malformed control frames, while additional vulnerabilities exist in Oracle Communications and SAP Commerce Cloud.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-5115 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-5115.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"notes": [
{
"category": "other",
"text": "Numeric Truncation Error",
"title": "CWE-197"
},
{
"category": "description",
"text": "Critical vulnerabilities in Oracle Communications Cloud Native Core and SQLite versions prior to 3.50.2 expose systems to severe risks, including memory corruption and integer truncation issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:D/RE:L/U:Green",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-6965 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-6965.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-27553",
"cwe": {
"id": "CWE-23",
"name": "Relative Path Traversal"
},
"notes": [
{
"category": "other",
"text": "Relative Path Traversal",
"title": "CWE-23"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Middleware and Apache Commons VFS expose critical data and allow unauthorized file access, with significant risks associated with their exploitation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27553 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27553.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-27553"
},
{
"cve": "CVE-2025-27817",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "description",
"text": "Multiple vulnerabilities across Apache Kafka and Oracle applications allow unauthorized access to sensitive data, with notable SSRF risks and CVSS scores of 7.5 for Oracle products.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-27817 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-27817.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-27817"
},
{
"cve": "CVE-2025-31672",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified across various products, including Apache POI, Oracle BPM Suite, JD Edwards EnterpriseOne, and SAP BusinessObjects, affecting data integrity and allowing unauthorized access or manipulation.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-31672 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-31672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-32415",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Specified Quantity in Input",
"title": "CWE-1284"
},
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "description",
"text": "Multiple vulnerabilities have been identified in Oracle Java SE and libxml2, allowing for potential system compromise and denial of service, with CVSS scores of 7.5 for several issues.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-32415 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-32415.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-32415"
},
{
"cve": "CVE-2025-41249",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "other",
"text": "Incorrect Authorization",
"title": "CWE-863"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle Financial Services and the Spring Framework expose critical data and authorization flaws, affecting multiple versions and products with significant security implications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-41249 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-41249.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48924",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "description",
"text": "Recent vulnerabilities in Oracle WebLogic Server and Apache Commons Lang versions expose systems to denial of service risks, including an uncontrolled recursion flaw leading to StackOverflowErrors.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48924 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48924.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "Multiple vulnerabilities affecting Oracle Application Testing Suite and Apache Commons FileUpload, including DoS risks due to insufficient multipart header limits, have been identified, with CVSS scores reaching 7.5.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48976 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48976.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "description",
"text": "Recent updates for Apache Tomcat versions 9, 10, and 11 address the \u0027MadeYouReset\u0027 DoS vulnerability in HTTP/2, along with various enhancements to components like Catalina and Coyote.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-48989 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-48989.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-50074",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Revenue Management and Billing (versions 2.9.0.0.0-7.2.0.0.0) allows high-privileged attackers to gain unauthorized access to critical data via HTTP, with a CVSS 3.1 Base Score of 4.9.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50074 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50074.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-50074"
},
{
"cve": "CVE-2025-50075",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Revenue Management and Billing (versions 2.9.0.0.0-7.2.0.0.0) allows low privileged attackers with HTTP access to potentially gain unauthorized access to critical data, with a CVSS score of 6.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-50075 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-50075.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-50075"
},
{
"cve": "CVE-2025-53034",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 allows unauthenticated attackers to compromise the system with human interaction, leading to unauthorized data access and modifications.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53034 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53034.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53034"
},
{
"cve": "CVE-2025-53035",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows low privileged attackers to access critical data, affecting versions 8.0.7.9, 8.0.8.7, and 8.1.2.5, with a CVSS score of 6.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53035 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53035.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53035"
},
{
"cve": "CVE-2025-53036",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 allows unauthenticated attackers to access critical data via HTTP, with a CVSS score of 8.6.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53036 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53036.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53036"
},
{
"cve": "CVE-2025-53037",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A critical vulnerability in Oracle Financial Services Analytical Applications Infrastructure (versions 8.0.7.9, 8.0.8.7, and 8.1.2.5) allows unauthenticated attackers to compromise the system via HTTP, with a CVSS score of 9.8.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-53037 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-53037.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-53037"
},
{
"cve": "CVE-2025-55163",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "other",
"text": "CWE-1035",
"title": "CWE-1035"
},
{
"category": "other",
"text": "CWE-937",
"title": "CWE-937"
},
{
"category": "description",
"text": "Recent updates to Netty address critical vulnerabilities, including the \u0027MadeYouReset\u0027 DDoS attack in HTTP/2, which can lead to denial of service through resource exhaustion in various affected versions.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-55163 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-55163.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat (CVE-2025-59375) allows excessive memory allocations from crafted XML input, affecting versions prior to 2.7.2, while a Security-in-Depth issue exists in Oracle Database Server\u0027s Perl component but is not exploitable.",
"title": "Summary"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59375 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-59375.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-61751",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"notes": [
{
"category": "other",
"text": "Missing Authorization",
"title": "CWE-862"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure versions 8.0.7.9, 8.0.8.7, and 8.1.2.5 allows low-privileged attackers to exploit it via HTTP, posing significant risks to data confidentiality and integrity.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61751 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61751.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-61751"
},
{
"cve": "CVE-2025-61756",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"category": "other",
"text": "Missing Authentication for Critical Function",
"title": "CWE-306"
},
{
"category": "description",
"text": "A vulnerability in Oracle Financial Services Analytical Applications Infrastructure allows unauthenticated attackers to execute denial of service attacks on specific versions, rated with a CVSS score of 7.5.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-61756 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-61756.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1",
"CSAFPID-2",
"CSAFPID-3",
"CSAFPID-4",
"CSAFPID-5",
"CSAFPID-6",
"CSAFPID-7",
"CSAFPID-8",
"CSAFPID-9"
]
}
],
"title": "CVE-2025-61756"
}
]
}
OPENSUSE-SU-2025-20055-1
Vulnerability from csaf_opensuse - Published: 2025-11-19 09:37 - Updated: 2025-11-19 09:37Summary
Security update for expat
Notes
Title of the patch
Security update for expat
Description of the patch
This update for expat fixes the following issues:
- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)
Patchnames
openSUSE-Leap-16.0-29
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for expat",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for expat fixes the following issues:\n\n- CVE-2025-59375: Fixed large dynamic memory allocations via a small document submitted for parsing (bsc#1249584)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-29",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025-20055-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1249584",
"url": "https://bugzilla.suse.com/1249584"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "Security update for expat",
"tracking": {
"current_release_date": "2025-11-19T09:37:50Z",
"generator": {
"date": "2025-11-19T09:37:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025-20055-1",
"initial_release_date": "2025-11-19T09:37:50Z",
"revision_history": [
{
"date": "2025-11-19T09:37:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.aarch64",
"product": {
"name": "expat-2.7.1-160000.3.1.aarch64",
"product_id": "expat-2.7.1-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"product_id": "libexpat-devel-2.7.1-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.aarch64",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64",
"product_id": "libexpat1-2.7.1-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "expat-2.7.1-160000.3.1.ppc64le",
"product_id": "expat-2.7.1-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"product_id": "libexpat-devel-2.7.1-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.ppc64le",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le",
"product_id": "libexpat1-2.7.1-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.s390x",
"product": {
"name": "expat-2.7.1-160000.3.1.s390x",
"product_id": "expat-2.7.1-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.s390x",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.s390x",
"product_id": "libexpat-devel-2.7.1-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.s390x",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.s390x",
"product_id": "libexpat1-2.7.1-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.1-160000.3.1.x86_64",
"product": {
"name": "expat-2.7.1-160000.3.1.x86_64",
"product_id": "expat-2.7.1-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"product_id": "libexpat-devel-2.7.1-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.1-160000.3.1.x86_64",
"product": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64",
"product_id": "libexpat1-2.7.1-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:expat-2.7.1-160000.3.1.aarch64"
},
"product_reference": "expat-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:expat-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "expat-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:expat-2.7.1-160000.3.1.s390x"
},
"product_reference": "expat-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.1-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:expat-2.7.1-160000.3.1.x86_64"
},
"product_reference": "expat-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.1-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.aarch64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.ppc64le"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.s390x"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.1-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
},
"product_reference": "libexpat1-2.7.1-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.x86_64",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.x86_64",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:expat-2.7.1-160000.3.1.x86_64",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:libexpat-devel-2.7.1-160000.3.1.x86_64",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.aarch64",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.ppc64le",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.s390x",
"openSUSE Leap 16.0:libexpat1-2.7.1-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-19T09:37:50Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
OPENSUSE-SU-2025:15573-1
Vulnerability from csaf_opensuse - Published: 2025-09-23 00:00 - Updated: 2025-09-23 00:00Summary
expat-2.7.2-1.1 on GA media
Notes
Title of the patch
expat-2.7.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the expat-2.7.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15573
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "expat-2.7.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the expat-2.7.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15573",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15573-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-59375 page",
"url": "https://www.suse.com/security/cve/CVE-2025-59375/"
}
],
"title": "expat-2.7.2-1.1 on GA media",
"tracking": {
"current_release_date": "2025-09-23T00:00:00Z",
"generator": {
"date": "2025-09-23T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15573-1",
"initial_release_date": "2025-09-23T00:00:00Z",
"revision_history": [
{
"date": "2025-09-23T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.2-1.1.aarch64",
"product": {
"name": "expat-2.7.2-1.1.aarch64",
"product_id": "expat-2.7.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.2-1.1.aarch64",
"product": {
"name": "libexpat-devel-2.7.2-1.1.aarch64",
"product_id": "libexpat-devel-2.7.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.2-1.1.aarch64",
"product": {
"name": "libexpat-devel-32bit-2.7.2-1.1.aarch64",
"product_id": "libexpat-devel-32bit-2.7.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.2-1.1.aarch64",
"product": {
"name": "libexpat1-2.7.2-1.1.aarch64",
"product_id": "libexpat1-2.7.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.2-1.1.aarch64",
"product": {
"name": "libexpat1-32bit-2.7.2-1.1.aarch64",
"product_id": "libexpat1-32bit-2.7.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.2-1.1.ppc64le",
"product": {
"name": "expat-2.7.2-1.1.ppc64le",
"product_id": "expat-2.7.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.2-1.1.ppc64le",
"product": {
"name": "libexpat-devel-2.7.2-1.1.ppc64le",
"product_id": "libexpat-devel-2.7.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.2-1.1.ppc64le",
"product": {
"name": "libexpat-devel-32bit-2.7.2-1.1.ppc64le",
"product_id": "libexpat-devel-32bit-2.7.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.2-1.1.ppc64le",
"product": {
"name": "libexpat1-2.7.2-1.1.ppc64le",
"product_id": "libexpat1-2.7.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.2-1.1.ppc64le",
"product": {
"name": "libexpat1-32bit-2.7.2-1.1.ppc64le",
"product_id": "libexpat1-32bit-2.7.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.2-1.1.s390x",
"product": {
"name": "expat-2.7.2-1.1.s390x",
"product_id": "expat-2.7.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.2-1.1.s390x",
"product": {
"name": "libexpat-devel-2.7.2-1.1.s390x",
"product_id": "libexpat-devel-2.7.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.2-1.1.s390x",
"product": {
"name": "libexpat-devel-32bit-2.7.2-1.1.s390x",
"product_id": "libexpat-devel-32bit-2.7.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.2-1.1.s390x",
"product": {
"name": "libexpat1-2.7.2-1.1.s390x",
"product_id": "libexpat1-2.7.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.2-1.1.s390x",
"product": {
"name": "libexpat1-32bit-2.7.2-1.1.s390x",
"product_id": "libexpat1-32bit-2.7.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "expat-2.7.2-1.1.x86_64",
"product": {
"name": "expat-2.7.2-1.1.x86_64",
"product_id": "expat-2.7.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-2.7.2-1.1.x86_64",
"product": {
"name": "libexpat-devel-2.7.2-1.1.x86_64",
"product_id": "libexpat-devel-2.7.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat-devel-32bit-2.7.2-1.1.x86_64",
"product": {
"name": "libexpat-devel-32bit-2.7.2-1.1.x86_64",
"product_id": "libexpat-devel-32bit-2.7.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-2.7.2-1.1.x86_64",
"product": {
"name": "libexpat1-2.7.2-1.1.x86_64",
"product_id": "libexpat1-2.7.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "libexpat1-32bit-2.7.2-1.1.x86_64",
"product": {
"name": "libexpat1-32bit-2.7.2-1.1.x86_64",
"product_id": "libexpat1-32bit-2.7.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.7.2-1.1.aarch64"
},
"product_reference": "expat-2.7.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.7.2-1.1.ppc64le"
},
"product_reference": "expat-2.7.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.7.2-1.1.s390x"
},
"product_reference": "expat-2.7.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "expat-2.7.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:expat-2.7.2-1.1.x86_64"
},
"product_reference": "expat-2.7.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.aarch64"
},
"product_reference": "libexpat-devel-2.7.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.ppc64le"
},
"product_reference": "libexpat-devel-2.7.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.s390x"
},
"product_reference": "libexpat-devel-2.7.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-2.7.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.x86_64"
},
"product_reference": "libexpat-devel-2.7.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.7.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.aarch64"
},
"product_reference": "libexpat-devel-32bit-2.7.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.7.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.ppc64le"
},
"product_reference": "libexpat-devel-32bit-2.7.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.7.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.s390x"
},
"product_reference": "libexpat-devel-32bit-2.7.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat-devel-32bit-2.7.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.x86_64"
},
"product_reference": "libexpat-devel-32bit-2.7.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.7.2-1.1.aarch64"
},
"product_reference": "libexpat1-2.7.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.7.2-1.1.ppc64le"
},
"product_reference": "libexpat1-2.7.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.7.2-1.1.s390x"
},
"product_reference": "libexpat1-2.7.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-2.7.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-2.7.2-1.1.x86_64"
},
"product_reference": "libexpat1-2.7.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.aarch64"
},
"product_reference": "libexpat1-32bit-2.7.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.ppc64le"
},
"product_reference": "libexpat1-32bit-2.7.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.s390x"
},
"product_reference": "libexpat1-32bit-2.7.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libexpat1-32bit-2.7.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.x86_64"
},
"product_reference": "libexpat1-32bit-2.7.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-59375"
}
],
"notes": [
{
"category": "general",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:expat-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:expat-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:expat-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:expat-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-59375",
"url": "https://www.suse.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "SUSE Bug 1249584 for CVE-2025-59375",
"url": "https://bugzilla.suse.com/1249584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:expat-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:expat-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:expat-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:expat-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:expat-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:expat-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:expat-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:expat-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat-devel-32bit-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat1-2.7.2-1.1.x86_64",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.aarch64",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.ppc64le",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.s390x",
"openSUSE Tumbleweed:libexpat1-32bit-2.7.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-23T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-59375"
}
]
}
FKIE_CVE-2025-59375
Vulnerability from fkie_nvd - Published: 2025-09-15 03:15 - Updated: 2025-11-04 22:16
Severity ?
Summary
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74 | Product | |
| cve@mitre.org | https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes | Product | |
| cve@mitre.org | https://github.com/libexpat/libexpat/issues/1018 | Exploit, Issue Tracking | |
| cve@mitre.org | https://github.com/libexpat/libexpat/pull/1034 | Issue Tracking | |
| cve@mitre.org | https://issues.oss-fuzz.com/issues/439133977 | Exploit, Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/09/16/2 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| libexpat_project | libexpat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2562E072-C9E9-432C-9545-404F89D73E00",
"versionEndExcluding": "2.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing."
}
],
"id": "CVE-2025-59375",
"lastModified": "2025-11-04T22:16:34.927",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "cve@mitre.org",
"type": "Secondary"
}
]
},
"published": "2025-09-15T03:15:40.920",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
],
"url": "https://issues.oss-fuzz.com/issues/439133977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2025/09/16/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-770"
}
],
"source": "cve@mitre.org",
"type": "Secondary"
}
]
}
GHSA-VJQP-PJP6-XCXX
Vulnerability from github – Published: 2025-09-15 03:32 – Updated: 2025-09-17 15:30
VLAI?
Details
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2025-59375"
],
"database_specific": {
"cwe_ids": [
"CWE-770"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-15T03:15:40Z",
"severity": "HIGH"
},
"details": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"id": "GHSA-vjqp-pjp6-xcxx",
"modified": "2025-09-17T15:30:26Z",
"published": "2025-09-15T03:32:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"type": "WEB",
"url": "https://github.com/libexpat/libexpat/issues/1018"
},
{
"type": "WEB",
"url": "https://github.com/libexpat/libexpat/pull/1034"
},
{
"type": "WEB",
"url": "https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74"
},
{
"type": "WEB",
"url": "https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes"
},
{
"type": "WEB",
"url": "https://issues.oss-fuzz.com/issues/439133977"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2025-59375
Vulnerability from csaf_microsoft - Published: 2025-09-02 00:00 - Updated: 2025-09-16 01:01Summary
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59375 libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-59375.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"tracking": {
"current_release_date": "2025-09-16T01:01:15.000Z",
"generator": {
"date": "2025-10-20T03:48:57.155Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-59375",
"initial_release_date": "2025-09-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-09-16T01:01:15.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 expat 2.6.4-2",
"product": {
"name": "\u003ccbl2 expat 2.6.4-2",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 expat 2.6.4-2",
"product": {
"name": "cbl2 expat 2.6.4-2",
"product_id": "20543"
}
},
{
"category": "product_version_range",
"name": "\u003cazl3 expat 2.6.4-1",
"product": {
"name": "\u003cazl3 expat 2.6.4-1",
"product_id": "7"
}
},
{
"category": "product_version",
"name": "azl3 expat 2.6.4-1",
"product": {
"name": "azl3 expat 2.6.4-1",
"product_id": "17470"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 expat 2.6.4-1",
"product": {
"name": "\u003ccbl2 expat 2.6.4-1",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "cbl2 expat 2.6.4-1",
"product": {
"name": "cbl2 expat 2.6.4-1",
"product_id": "20210"
}
}
],
"category": "product_name",
"name": "expat"
},
{
"category": "product_name",
"name": "cbl2 cmake 3.21.4-18",
"product": {
"name": "cbl2 cmake 3.21.4-18",
"product_id": "4"
}
},
{
"category": "product_name",
"name": "azl3 cmake 3.30.3-9",
"product": {
"name": "azl3 cmake 3.30.3-9",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "cbl2 python3 3.9.19-14",
"product": {
"name": "cbl2 python3 3.9.19-14",
"product_id": "6"
}
},
{
"category": "product_name",
"name": "azl3 python3 3.12.9-4",
"product": {
"name": "azl3 python3 3.12.9-4",
"product_id": "5"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 expat 2.6.4-2 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 expat 2.6.4-2 as a component of CBL Mariner 2.0",
"product_id": "20543-17086"
},
"product_reference": "20543",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 expat 2.6.4-1 as a component of Azure Linux 3.0",
"product_id": "17084-7"
},
"product_reference": "7",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 expat 2.6.4-1 as a component of Azure Linux 3.0",
"product_id": "17470-17084"
},
"product_reference": "17470",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 cmake 3.21.4-18 as a component of CBL Mariner 2.0",
"product_id": "17086-4"
},
"product_reference": "4",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 expat 2.6.4-1 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 expat 2.6.4-1 as a component of CBL Mariner 2.0",
"product_id": "20210-17086"
},
"product_reference": "20210",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 cmake 3.30.3-9 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 python3 3.9.19-14 as a component of CBL Mariner 2.0",
"product_id": "17086-6"
},
"product_reference": "6",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 python3 3.12.9-4 as a component of Azure Linux 3.0",
"product_id": "17084-5"
},
"product_reference": "5",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"flags": [
{
"label": "vulnerable_code_not_in_execute_path",
"product_ids": [
"17086-4",
"17084-2",
"17086-6",
"17084-5"
]
}
],
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20543-17086",
"17470-17084",
"20210-17086"
],
"known_affected": [
"17086-1",
"17084-7",
"17086-3"
],
"known_not_affected": [
"17086-4",
"17084-2",
"17086-6",
"17084-5"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-59375 libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-59375.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-09-16T01:01:15.000Z",
"details": "2.6.4-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1",
"17084-7",
"17086-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalsScore": 0.0,
"exploitCodeMaturity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "TEMPORARY_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H/RL:T/RC:C",
"version": "3.1"
},
"products": [
"17086-1",
"17084-7",
"17086-3"
]
}
],
"title": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing."
}
]
}
SSA-082556
Vulnerability from csaf_siemens - Published: 2025-06-10 00:00 - Updated: 2026-01-13 00:00Summary
SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5
Notes
Summary
Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).
Siemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)",
"tlp": {
"label": "WHITE"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Multiple vulnerabilities have been identified in the additional GNU/Linux subsystem of the firmware version V3.1.5 for the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP (incl. SIPLUS variant).\n\nSiemens is preparing fix versions and recommends countermeasures for products where fixes are not, or not yet available.",
"title": "Summary"
},
{
"category": "general",
"text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity",
"title": "General Recommendations"
},
{
"category": "general",
"text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "productcert@siemens.com",
"name": "Siemens ProductCERT",
"namespace": "https://www.siemens.com"
},
"references": [
{
"category": "self",
"summary": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 - HTML Version",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-082556.html"
},
{
"category": "self",
"summary": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5 - CSAF Version",
"url": "https://cert-portal.siemens.com/productcert/csaf/ssa-082556.json"
}
],
"title": "SSA-082556: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1.5",
"tracking": {
"current_release_date": "2026-01-13T00:00:00Z",
"generator": {
"engine": {
"name": "Siemens ProductCERT CSAF Generator",
"version": "1"
}
},
"id": "SSA-082556",
"initial_release_date": "2025-06-10T00:00:00Z",
"revision_history": [
{
"date": "2025-06-10T00:00:00Z",
"legacy_version": "1.0",
"number": "1",
"summary": "Publication Date"
},
{
"date": "2025-08-12T00:00:00Z",
"legacy_version": "1.1",
"number": "2",
"summary": "Added CVE-2025-6395, CVE-2025-32988, CVE-2025-32989, CVE-2025-32990"
},
{
"date": "2026-01-13T00:00:00Z",
"legacy_version": "1.2",
"number": "3",
"summary": "Added CVE-2025-66382, CVE-2025-39929, CVE-2025-39931, CVE-2025-39977, CVE-2025-40022, CVE-2025-11082, CVE-2025-11083, CVE-2025-11412, CVE-2025-11413, CVE-2025-11414, CVE-2025-11494, CVE-2025-11495, CVE-2025-11839, CVE-2025-11840, CVE-2025-9230, CVE-2025-9232, CVE-2025-3198, CVE-2025-5244, CVE-2025-5245, CVE-2025-7545, CVE-2025-7546, CVE-2025-8224, CVE-2025-7425, CVE-2025-59375"
}
],
"status": "interim",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)",
"product_id": "1",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)",
"product_id": "2",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4AX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518-4 PN/DP MFP (6ES7518-4AX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)",
"product_id": "3",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AB0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AB0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)",
"product_id": "4",
"product_identification_helper": {
"model_numbers": [
"6ES7518-4FX00-1AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP (6ES7518-4FX00-1AC0)"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:intdot/\u003e=3.1.5",
"product": {
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)",
"product_id": "5",
"product_identification_helper": {
"model_numbers": [
"6AG1518-4AX00-4AC0"
]
}
}
}
],
"category": "product_name",
"name": "SIPLUS S7-1500 CPU 1518-4 PN/DP MFP (6AG1518-4AX00-4AC0)"
}
],
"category": "vendor",
"name": "Siemens"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-41617",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2021-41617"
},
{
"cve": "CVE-2023-4527",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-4527"
},
{
"cve": "CVE-2023-4806",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-4806"
},
{
"cve": "CVE-2023-4911",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A buffer overflow was discovered in the GNU C Library\u0027s dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-4911"
},
{
"cve": "CVE-2023-5363",
"cwe": {
"id": "CWE-684",
"name": "Incorrect Provision of Specified Functionality"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the \"keylen\" parameter or the IV length, via the \"ivlen\" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST\u0027s SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. However, these issues are not currently assessed as security critical. Changing the key and/or IV lengths is not considered to be a common operation and the vulnerable API was recently introduced. Furthermore it is likely that application developers will have spotted this problem during testing since decryption would fail unless both peers in the communication were similarly vulnerable. For these reasons we expect the probability of an application being vulnerable to this to be quite low. However if an application is vulnerable then this issue is considered very serious. For these reasons we have assessed this issue as Moderate severity overall. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this because the issue lies outside of the FIPS provider boundary. OpenSSL 3.1 and 3.0 are vulnerable to this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-5363"
},
{
"cve": "CVE-2023-6246",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-6246"
},
{
"cve": "CVE-2023-6779",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-6779"
},
{
"cve": "CVE-2023-6780",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-6780"
},
{
"cve": "CVE-2023-28531",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-28531"
},
{
"cve": "CVE-2023-38545",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.\r\n\r\nWhen curl is asked to pass along the hostname to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that hostname can be is 255 bytes.\r\n\r\nIf the hostname is detected to be longer than 255 bytes, curl switches to local name resolving and instead passes on the resolved address only to the proxy. Due to a bug, the local variable that means \"let the host resolve the name\" could get the wrong value during a slow SOCKS5 handshake, and contrary to the intention, copy the too long hostname to the target buffer instead of copying just the resolved address there.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-38545"
},
{
"cve": "CVE-2023-38546",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"notes": [
{
"category": "summary",
"text": "This flaw allows an attacker to insert cookies at will into a running program\r\nusing libcurl, if the specific series of conditions are met.\r\n\r\nlibcurl performs transfers. In its API, an application creates \"easy handles\"\r\nthat are the individual handles for single transfers.\r\n\r\nlibcurl provides a function call that duplicates en easy handle called\r\n[curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html).\r\n\r\nIf a transfer has cookies enabled when the handle is duplicated, the\r\ncookie-enable state is also cloned - but without cloning the actual\r\ncookies. If the source handle did not read any cookies from a specific file on\r\ndisk, the cloned version of the handle would instead store the file name as\r\n`none` (using the four ASCII letters, no quotes).\r\n\r\nSubsequent use of the cloned handle that does not explicitly set a source to\r\nload cookies from would then inadvertently load cookies from a file named\r\n`none` - if such a file exists and is readable in the current directory of the\r\nprogram using libcurl. And if using the correct file format of course.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-38546"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "summary",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-46218",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"notes": [
{
"category": "summary",
"text": "This flaw allows a malicious HTTP server to set \"super cookies\" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl\u0027s function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-46218"
},
{
"cve": "CVE-2023-46219",
"cwe": {
"id": "CWE-311",
"name": "Missing Encryption of Sensitive Data"
},
"notes": [
{
"category": "summary",
"text": "When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-46219"
},
{
"cve": "CVE-2023-48795",
"cwe": {
"id": "CWE-222",
"name": "Truncation of Security-relevant Information"
},
"notes": [
{
"category": "summary",
"text": "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH\u0027s use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust; and there could be effects on Bitvise SSH through 9.31.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-48795"
},
{
"cve": "CVE-2023-51384",
"cwe": {
"id": "CWE-304",
"name": "Missing Critical Step in Authentication"
},
"notes": [
{
"category": "summary",
"text": "In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-51384"
},
{
"cve": "CVE-2023-51385",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-51385"
},
{
"cve": "CVE-2023-52927",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash table. However, in some scenario, we expect the exp not to be removed when the created ct will not be confirmed, like in OVS and TC conntrack in the following patches. This patch allows exp not to be removed by setting IPS_CONFIRMED in the status of the tmpl.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2023-52927"
},
{
"cve": "CVE-2024-2961",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-2961"
},
{
"cve": "CVE-2024-6119",
"cwe": {
"id": "CWE-843",
"name": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don\u0027t perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-6119"
},
{
"cve": "CVE-2024-6387",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "summary",
"text": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-6387"
},
{
"cve": "CVE-2024-12133",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "summary",
"text": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-12133"
},
{
"cve": "CVE-2024-12243",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-12243"
},
{
"cve": "CVE-2024-24855",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "A race condition was found in the Linux kernel\u0027s scsi device driver in lpfc_unregister_fcf_rescan() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-24855"
},
{
"cve": "CVE-2024-26596",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net: dsa: netdev_priv() dereference before check on non-DSA netdevice events.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-26596"
},
{
"cve": "CVE-2024-28085",
"cwe": {
"id": "CWE-150",
"name": "Improper Neutralization of Escape, Meta, or Control Sequences"
},
"notes": [
{
"category": "summary",
"text": "wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users\u0027 terminals through argv. (Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-28085"
},
{
"cve": "CVE-2024-33599",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "nscd: Stack-based buffer overflow in netgroup cache\r\n\r\nIf the Name Service Cache Daemon\u0027s (nscd) fixed size cache is exhausted\r\nby client requests then a subsequent client request for netgroup data\r\nmay result in a stack-based buffer overflow. This flaw was introduced\r\nin glibc 2.15 when the cache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-33599"
},
{
"cve": "CVE-2024-33600",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "nscd: Null pointer crashes after notfound response\r\n\r\nIf the Name Service Cache Daemon\u0027s (nscd) cache fails to add a not-found\r\nnetgroup response to the cache, the client request can result in a null\r\npointer dereference. This flaw was introduced in glibc 2.15 when the\r\ncache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-33600"
},
{
"cve": "CVE-2024-33601",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"notes": [
{
"category": "summary",
"text": "nscd: netgroup cache may terminate daemon on memory allocation failure\r\n\r\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache uses xmalloc or\r\nxrealloc and these functions may terminate the process due to a memory\r\nallocation failure resulting in a denial of service to the clients. The\r\nflaw was introduced in glibc 2.15 when the cache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-33601"
},
{
"cve": "CVE-2024-33602",
"cwe": {
"id": "CWE-466",
"name": "Return of Pointer Value Outside of Expected Range"
},
"notes": [
{
"category": "summary",
"text": "nscd: netgroup cache assumes NSS callback uses in-buffer strings\r\n\r\nThe Name Service Cache Daemon\u0027s (nscd) netgroup cache can corrupt memory\r\nwhen the NSS callback does not store all strings in the provided buffer.\r\nThe flaw was introduced in glibc 2.15 when the cache was added to nscd.\r\n\r\nThis vulnerability is only present in the nscd binary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.0,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-33602"
},
{
"cve": "CVE-2024-34397",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service. This could lead to the GDBus-based client behaving incorrectly, with an application-dependent impact.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-34397"
},
{
"cve": "CVE-2024-37370",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-37370"
},
{
"cve": "CVE-2024-37371",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"notes": [
{
"category": "summary",
"text": "In MIT Kerberos 5 (aka krb5) before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-37371"
},
{
"cve": "CVE-2024-45490",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-45490"
},
{
"cve": "CVE-2024-45491",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-45491"
},
{
"cve": "CVE-2024-45492",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"notes": [
{
"category": "summary",
"text": "An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-45492"
},
{
"cve": "CVE-2024-50246",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfs/ntfs3: Add rough attr alloc_size check",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-50246"
},
{
"cve": "CVE-2024-53166",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "block, bfq: bfqq uaf in bfq_limit_depth() Set new allocated bfqq to bic or remove freed bfqq from bic are both protected by bfqd-\u003elock, however bfq_limit_depth() is deferencing bfqq from bic without the lock, this can lead to UAF if the io_context is shared by multiple tasks.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-53166"
},
{
"cve": "CVE-2024-57977",
"cwe": {
"id": "CWE-667",
"name": "Improper Locking"
},
"notes": [
{
"category": "summary",
"text": "memcg: A soft lockup vulnerability in the product with about 56,000 tasks were in the OOM cgroup, it was traversing them when the soft lockup was triggered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57977"
},
{
"cve": "CVE-2024-57996",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"notes": [
{
"category": "summary",
"text": "net_sched: sch_sfq: vulnerability caused by incorrectly handling a packet limit of 1, leading to an array-index-out-of-bounds error and subsequent crash when the queue length is decremented for an empty slot.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-57996"
},
{
"cve": "CVE-2024-58005",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "tpm: Change to kvalloc() in eventlog/acpi.c.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2024-58005"
},
{
"cve": "CVE-2025-3198",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-3198"
},
{
"cve": "CVE-2025-4373",
"cwe": {
"id": "CWE-124",
"name": "Buffer Underwrite (\u0027Buffer Underflow\u0027)"
},
"notes": [
{
"category": "summary",
"text": "GLib is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-4373"
},
{
"cve": "CVE-2025-4598",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\r\n\r\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-4598"
},
{
"cve": "CVE-2025-5244",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-5244"
},
{
"cve": "CVE-2025-5245",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-5245"
},
{
"cve": "CVE-2025-6395",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-6395"
},
{
"cve": "CVE-2025-7425",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-7425"
},
{
"cve": "CVE-2025-7545",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-7545"
},
{
"cve": "CVE-2025-7546",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-7546"
},
{
"cve": "CVE-2025-8224",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-8224"
},
{
"cve": "CVE-2025-9230",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a memory corruption which can have various consequences including a Denial of Service or Execution of attacker-supplied code. Although the consequences of a successful exploit of this vulnerability could be severe, the probability that the attacker would be able to perform it is low. Besides, password based (PWRI) encryption support in CMS messages is very rarely used. For that reason the issue was assessed as Moderate severity according to our Security Policy. The FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this issue, as the CMS implementation is outside the OpenSSL FIPS module boundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2025-9232",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "Issue summary: An application using the OpenSSL HTTP client API functions may\ntrigger an out-of-bounds read if the \u0027no_proxy\u0027 environment variable is set and\nthe host portion of the authority component of the HTTP URL is an IPv6 address.\n\nImpact summary: An out-of-bounds read can trigger a crash which leads to\nDenial of Service for an application.\n\nThe OpenSSL HTTP client API functions can be used directly by applications\nbut they are also used by the OCSP client functions and CMP (Certificate\nManagement Protocol) client implementation in OpenSSL. However the URLs used\nby these implementations are unlikely to be controlled by an attacker.\n\nIn this vulnerable code the out of bounds read can only trigger a crash.\nFurthermore the vulnerability requires an attacker-controlled URL to be\npassed from an application to the OpenSSL function and the user has to have\na \u0027no_proxy\u0027 environment variable set. For the aforementioned reasons the\nissue was assessed as Low severity.\n\nThe vulnerable code was introduced in the following patch releases:\n3.0.16, 3.1.8, 3.2.4, 3.3.3, 3.4.0 and 3.5.0.\n\nThe FIPS modules in 3.5, 3.4, 3.3, 3.2, 3.1 and 3.0 are not affected by this\nissue, as the HTTP client implementation is outside the OpenSSL FIPS module\nboundary.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-9232"
},
{
"cve": "CVE-2025-11082",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with \"[f]ixed for 2.46\".",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11082"
},
{
"cve": "CVE-2025-11083",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with \"[f]ixed for 2.46\".",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11083"
},
{
"cve": "CVE-2025-11412",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11412"
},
{
"cve": "CVE-2025-11413",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11413"
},
{
"cve": "CVE-2025-11414",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11414"
},
{
"cve": "CVE-2025-11494",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11494"
},
{
"cve": "CVE-2025-11495",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11495"
},
{
"cve": "CVE-2025-11839",
"cwe": {
"id": "CWE-252",
"name": "Unchecked Return Value"
},
"notes": [
{
"category": "summary",
"text": "A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11839"
},
{
"cve": "CVE-2025-11840",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "summary",
"text": "A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-11840"
},
{
"cve": "CVE-2025-21701",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "summary",
"text": "net: vulnerability arises because unregister_netdevice_many_notify might run before the rtnl lock section of ethnl operations, leading to potential use of destroyed locks, which is fixed by denying operations on devices being unregistered.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21701"
},
{
"cve": "CVE-2025-21702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "pfifo_tail_enqueue: Drop new packet when sch-\u003elimit == 0.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21702"
},
{
"cve": "CVE-2025-21712",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "md/md-bitmap: vulnerability caused by bitmap_get_stats() can be called even if the bitmap is destroyed or not fully initialized, leading to a kernel crash, which is fixed by synchronizing bitmap_get_stats() with bitmap_info.mutex.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21712"
},
{
"cve": "CVE-2025-21724",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index(). Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index() where shifting the constant \"1\" (of type int) by bitmap-\u003emapped.pgshift (an unsigned long value) could result in undefined behavior. The constant \"1\" defaults to a 32-bit \"int\", and when \"pgshift\" exceeds 31 (e.g., pgshift = 63) the shift operation overflows, as the result cannot be represented in a 32-bit type.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21724"
},
{
"cve": "CVE-2025-21728",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "bpf: Send signals asynchronously if !preemptible BPF programs can execute in all kinds of contexts and when a program running in a non-preemptible context uses the bpf_send_signal() kfunc, it will cause issues because this kfunc can sleep.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21728"
},
{
"cve": "CVE-2025-21745",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nblk-cgroup: Fix class @block_class\u0027s subsystem refcount leakage\r\n\r\nblkcg_fill_root_iostats() iterates over @block_class\u0027s devices by\r\nclass_dev_iter_(init|next)(), but does not end iterating with\r\nclass_dev_iter_exit(), so causes the class\u0027s subsystem refcount leakage.\r\n\r\nFix by ending the iterating with class_dev_iter_exit().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21745"
},
{
"cve": "CVE-2025-21756",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind() and those implicitly bound through autobind during connect().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21756"
},
{
"cve": "CVE-2025-21758",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: mcast: add RCU protection to mld_newpack() mld_newpack() can be called without RTNL or RCU being held.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21758"
},
{
"cve": "CVE-2025-21765",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv6: use RCU protection in ip6_default_advmss() ip6_default_advmss() needs rcu protection to make sure the net structure it reads does not disappear.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21765"
},
{
"cve": "CVE-2025-21766",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "ipv4: use RCU protection in __ip_rt_update_pmtu(). __ip_rt_update_pmtu() must use RCU protection to make sure the net structure it reads does not disappear.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21766"
},
{
"cve": "CVE-2025-21767",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved: clocksource: Use migrate_disable() to avoid calling get_random_u32() in atomic context The following bug report happened with a PREEMPT_RT kernel: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48 in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2012, name: kwatchdog preempt_count: 1, expected: 0 RCU nest depth: 0, expected: 0 get_random_u32+0x4f/0x110 clocksource_verify_choose_cpus+0xab/0x1a0 clocksource_verify_percpu.part.0+0x6b/0x330 clocksource_watchdog_kthread+0x193/0x1a0 It is due to the fact that clocksource_verify_choose_cpus() is invoked with preemption disabled. This function invokes get_random_u32() to obtain random numbers for choosing CPUs. The batched_entropy_32 local lock and/or the base_crng.lock spinlock in driver/char/random.c will be acquired during the call. In PREEMPT_RT kernel, they are both sleeping locks and so cannot be acquired in atomic context. Fix this problem by using migrate_disable() to allow smp_processor_id() to be reliably used without introducing atomic context. preempt_disable() is then called after clocksource_verify_choose_cpus() but before the clocksource measurement is being run to avoid introducing unexpected latency.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21767"
},
{
"cve": "CVE-2025-21795",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "NFSD: hang in nfsd4_shutdown_callback. If nfs4_client is in courtesy state then there is no point to send the callback. This causes nfsd4_shutdown_callback to hang since cl_cb_inflight is not 0. This hang lasts about 15 minutes until TCP notifies NFSD that the connection was dropped.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21795"
},
{
"cve": "CVE-2025-21796",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "nfsd: clear acl_access/acl_default after releasing them If getting acl_default fails, acl_access and acl_default will be released simultaneously.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21796"
},
{
"cve": "CVE-2025-21848",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nnfp: bpf: Add check for nfp_app_ctrl_msg_alloc()\r\n\r\nAdd check for the return value of nfp_app_ctrl_msg_alloc() in\r\nnfp_bpf_cmsg_alloc() to prevent null pointer dereference.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21848"
},
{
"cve": "CVE-2025-21862",
"cwe": {
"id": "CWE-908",
"name": "Use of Uninitialized Resource"
},
"notes": [
{
"category": "summary",
"text": "drop_monitor: incorrect initialization order. If drop_monitor is built as a kernel module, syzkaller may have time to send a netlink NET_DM_CMD_START message during the module loading. This will call the net_dm_monitor_start() function that uses a spinlock that has not yet been initialized.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21862"
},
{
"cve": "CVE-2025-21864",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ntcp: drop secpath at the same time as we currently drop dst\r\n\r\nXiumei reported hitting the WARN in xfrm6_tunnel_net_exit while\r\nrunning tests that boil down to:\r\n - create a pair of netns\r\n - run a basic TCP test over ipcomp6\r\n - delete the pair of netns\r\n\r\nThe xfrm_state found on spi_byaddr was not deleted at the time we\r\ndelete the netns, because we still have a reference on it. This\r\nlingering reference comes from a secpath (which holds a ref on the\r\nxfrm_state), which is still attached to an skb. This skb is not\r\nleaked, it ends up on sk_receive_queue and then gets defer-free\u0027d by\r\nskb_attempt_defer_free.\r\n\r\nThe problem happens when we defer freeing an skb (push it on one CPU\u0027s\r\ndefer_list), and don\u0027t flush that list before the netns is deleted. In\r\nthat case, we still have a reference on the xfrm_state that we don\u0027t\r\nexpect at this point.\r\n\r\nWe already drop the skb\u0027s dst in the TCP receive path when it\u0027s no\r\nlonger needed, so let\u0027s also drop the secpath. At this point,\r\ntcp_filter has already called into the LSM hooks that may require the\r\nsecpath, so it should not be needed anymore. However, in some of those\r\nplaces, the MPTCP extension has just been attached to the skb, so we\r\ncannot simply drop all extensions.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21864"
},
{
"cve": "CVE-2025-21865",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "summary",
"text": "gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Commit eb28fd76c0a0 (\"gtp: Destroy device along with udp socket\u0027s netns dismantle.\") added the for_each_netdev() loop in gtp_net_exit_batch_rtnl() to destroy devices in each netns as done in geneve and ip tunnels. However, this could trigger -\u003edellink() twice for the same device during -\u003eexit_batch_rtnl().",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-21865"
},
{
"cve": "CVE-2025-26465",
"cwe": {
"id": "CWE-390",
"name": "Detection of Error Condition Without Action"
},
"notes": [
{
"category": "summary",
"text": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-26465"
},
{
"cve": "CVE-2025-31115",
"cwe": {
"id": "CWE-826",
"name": "Premature Release of Resource During Expected Lifetime"
},
"notes": [
{
"category": "summary",
"text": "The threaded .xz decoder in liblzma has a vulnerability that can at least result in a crash (denial of service). The effects include heap use after free and writing to an address based on the null pointer plus an offset.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-31115"
},
{
"cve": "CVE-2025-32988",
"cwe": {
"id": "CWE-415",
"name": "Double Free"
},
"notes": [
{
"category": "summary",
"text": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-32988"
},
{
"cve": "CVE-2025-32989",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"notes": [
{
"category": "summary",
"text": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-32989"
},
{
"cve": "CVE-2025-39929",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nsmb: client: fix smbdirect_recv_io leak in smbd_negotiate() error path\r\n\r\nDuring tests of another unrelated patch I was able to trigger this\r\nerror: Objects remaining on __kmem_cache_shutdown()",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39929"
},
{
"cve": "CVE-2025-39931",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: af_alg - Set merge to zero early in af_alg_sendmsg\r\n\r\nIf an error causes af_alg_sendmsg to abort, ctx-\u003emerge may contain\r\na garbage value from the previous loop. This may then trigger a\r\ncrash on the next entry into af_alg_sendmsg when it attempts to do\r\na merge that can\u0027t be done.\r\n\r\nFix this by setting ctx-\u003emerge to zero near the start of the loop.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39931"
},
{
"cve": "CVE-2025-39977",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\nfutex: Prevent use-after-free during requeue-PI\r\n\r\nsyzbot managed to trigger the following race:\r\n\r\n T1 T2\r\n\r\n futex_wait_requeue_pi()\r\n futex_do_wait()\r\n schedule()\r\n futex_requeue()\r\n futex_proxy_trylock_atomic()\r\n futex_requeue_pi_prepare()\r\n requeue_pi_wake_futex()\r\n futex_requeue_pi_complete()\r\n /* preempt */\r\n\r\n * timeout/ signal wakes T1 *\r\n\r\n futex_requeue_pi_wakeup_sync() // Q_REQUEUE_PI_LOCKED\r\n futex_hash_put()\r\n // back to userland, on stack futex_q is garbage\r\n\r\n /* back */\r\n wake_up_state(q-\u003etask, TASK_NORMAL);\r\n\r\nIn this scenario futex_wait_requeue_pi() is able to leave without using\r\nfutex_q::lock_ptr for synchronization.\r\n\r\nThis can be prevented by reading futex_q::task before updating the\r\nfutex_q::requeue_state. A reference on the task_struct is not needed\r\nbecause requeue_pi_wake_futex() is invoked with a spinlock_t held which\r\nimplies a RCU read section.\r\n\r\nEven if T1 terminates immediately after, the task_struct will remain valid\r\nduring T2\u0027s wake_up_state(). A READ_ONCE on futex_q::task before\r\nfutex_requeue_pi_complete() is enough because it ensures that the variable\r\nis read before the state is updated.\r\n\r\nRead futex_q::task before updating the requeue state, use it for the\r\nfollowing wakeup.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.0,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-39977"
},
{
"cve": "CVE-2025-40022",
"cwe": {
"id": "CWE-704",
"name": "Incorrect Type Conversion or Cast"
},
"notes": [
{
"category": "summary",
"text": "In the Linux kernel, the following vulnerability has been resolved:\r\n\r\ncrypto: af_alg - Fix incorrect boolean values in af_alg_ctx\r\n\r\nCommit 1b34cbbf4f01 (\"crypto: af_alg - Disallow concurrent writes in\r\naf_alg_sendmsg\") changed some fields from bool to 1-bit bitfields of\r\ntype u32.\r\n\r\nHowever, some assignments to these fields, specifically \u0027more\u0027 and\r\n\u0027merge\u0027, assign values greater than 1. These relied on C\u0027s implicit\r\nconversion to bool, such that zero becomes false and nonzero becomes\r\ntrue.\r\n\r\nWith a 1-bit bitfields of type u32 instead, mod 2 of the value is taken\r\ninstead, resulting in 0 being assigned in some cases when 1 was intended.\r\n\r\nFix this by restoring the bool type.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-40022"
},
{
"cve": "CVE-2025-46836",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "summary",
"text": "net-tools is a collection of programs that form the base set of the NET-3 networking distribution for the Linux operating system. Inn versions up to and including 2.10, the Linux network utilities (like ifconfig) from the net-tools package do not properly validate the structure of /proc files when showing interfaces. `get_name()` in `interface.c` copies interface labels from `/proc/net/dev` into a fixed 16-byte stack buffer without bounds checking, leading to possible arbitrary code execution or crash. The known attack path does not require privilege but also does not provide privilege escalation in this scenario. A patch is available and expected to be part of version 2.20.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-46836"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"notes": [
{
"category": "summary",
"text": "libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-66382",
"cwe": {
"id": "CWE-407",
"name": "Inefficient Algorithmic Complexity"
},
"notes": [
{
"category": "summary",
"text": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.",
"title": "Summary"
}
],
"product_status": {
"known_affected": [
"1",
"2",
"3",
"4",
"5"
]
},
"remediations": [
{
"category": "none_available",
"details": "Currently no fix is available",
"product_ids": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"1",
"2",
"3",
"4",
"5"
]
}
],
"title": "CVE-2025-66382"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…