Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-60753 (GCVE-0-2025-60753)
Vulnerability from cvelistv5 – Published: 2025-11-05 00:00 – Updated: 2025-11-05 15:44
VLAI
EPSS
Summary
An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).
Severity
5.5 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-60753",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-05T15:39:22.288768Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-835",
"description": "CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T15:44:31.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-05T15:17:43.562Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/libarchive/libarchive/issues/2725"
},
{
"url": "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-60753",
"datePublished": "2025-11-05T00:00:00.000Z",
"dateReserved": "2025-09-26T00:00:00.000Z",
"dateUpdated": "2025-11-05T15:44:31.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-60753",
"date": "2026-06-29",
"epss": "0.00139",
"percentile": "0.03638"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-60753\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-11-05T16:15:40.430\",\"lastModified\":\"2026-06-17T09:50:05.117\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).\"}],\"affected\":[{\"source\":\"cve@mitre.org\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"n/a\",\"versions\":[{\"version\":\"n/a\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-11-05T15:39:22.288768Z\",\"id\":\"CVE-2025-60753\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"},{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libarchive:libarchive:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.8.1\",\"matchCriteriaId\":\"38EFBDEB-6861-41B1-801C-E7A5BAD7C0BC\"}]}]}],\"references\":[{\"url\":\"https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/libarchive/libarchive/issues/2725\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-60753\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-05T15:39:22.288768Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-835\", \"description\": \"CWE-835 Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-05T15:41:15.270Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/libarchive/libarchive/issues/2725\"}, {\"url\": \"https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-11-05T15:17:43.562Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-60753\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-05T15:44:31.278Z\", \"dateReserved\": \"2025-09-26T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-11-05T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:22241-1
Vulnerability from csaf_suse - Published: 2026-06-18 08:00 - Updated: 2026-06-18 08:00Summary
Security update for libarchive
Severity
Important
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues
- CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches (bsc#1253088).
- CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop
and DoS (bsc#1259635).
- CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing (bsc#1259928).
- CVE-2026-4426: undefined behavior due to unvalidated operand in shift expression of the zisofs decompression code
(bsc#1259931).
- CVE-2026-5121: arbitrary code execution via integer overflow in ISO9660 image processing (bsc#1261186).
Patchnames: SUSE-SLE-Micro-6.0-762
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues\n\n- CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches (bsc#1253088).\n- CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop\n and DoS (bsc#1259635).\n- CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing (bsc#1259928).\n- CVE-2026-4426: undefined behavior due to unvalidated operand in shift expression of the zisofs decompression code\n (bsc#1259931).\n- CVE-2026-5121: arbitrary code execution via integer overflow in ISO9660 image processing (bsc#1261186).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-762",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22241-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22241-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622241-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22241-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047623.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253088",
"url": "https://bugzilla.suse.com/1253088"
},
{
"category": "self",
"summary": "SUSE Bug 1259635",
"url": "https://bugzilla.suse.com/1259635"
},
{
"category": "self",
"summary": "SUSE Bug 1259928",
"url": "https://bugzilla.suse.com/1259928"
},
{
"category": "self",
"summary": "SUSE Bug 1259931",
"url": "https://bugzilla.suse.com/1259931"
},
{
"category": "self",
"summary": "SUSE Bug 1261186",
"url": "https://bugzilla.suse.com/1261186"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-60753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-60753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4111 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4424 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4426 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5121 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5121/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2026-06-18T08:00:49Z",
"generator": {
"date": "2026-06-18T08:00:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22241-1",
"initial_release_date": "2026-06-18T08:00:49Z",
"revision_history": [
{
"date": "2026-06-18T08:00:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.6.2-6.1.aarch64",
"product": {
"name": "libarchive13-3.6.2-6.1.aarch64",
"product_id": "libarchive13-3.6.2-6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.6.2-6.1.s390x",
"product": {
"name": "libarchive13-3.6.2-6.1.s390x",
"product_id": "libarchive13-3.6.2-6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.6.2-6.1.x86_64",
"product": {
"name": "libarchive13-3.6.2-6.1.x86_64",
"product_id": "libarchive13-3.6.2-6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.6.2-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64"
},
"product_reference": "libarchive13-3.6.2-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.6.2-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x"
},
"product_reference": "libarchive13-3.6.2-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.6.2-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
},
"product_reference": "libarchive13-3.6.2-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-60753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-60753"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-60753",
"url": "https://www.suse.com/security/cve/CVE-2025-60753"
},
{
"category": "external",
"summary": "SUSE Bug 1253088 for CVE-2025-60753",
"url": "https://bugzilla.suse.com/1253088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T08:00:49Z",
"details": "moderate"
}
],
"title": "CVE-2025-60753"
},
{
"cve": "CVE-2026-4111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4111"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4111",
"url": "https://www.suse.com/security/cve/CVE-2026-4111"
},
{
"category": "external",
"summary": "SUSE Bug 1259634 for CVE-2026-4111",
"url": "https://bugzilla.suse.com/1259634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T08:00:49Z",
"details": "important"
}
],
"title": "CVE-2026-4111"
},
{
"cve": "CVE-2026-4424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4424"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4424",
"url": "https://www.suse.com/security/cve/CVE-2026-4424"
},
{
"category": "external",
"summary": "SUSE Bug 1259927 for CVE-2026-4424",
"url": "https://bugzilla.suse.com/1259927"
},
{
"category": "external",
"summary": "SUSE Bug 1265940 for CVE-2026-4424",
"url": "https://bugzilla.suse.com/1265940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T08:00:49Z",
"details": "important"
}
],
"title": "CVE-2026-4424"
},
{
"cve": "CVE-2026-4426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4426"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4426",
"url": "https://www.suse.com/security/cve/CVE-2026-4426"
},
{
"category": "external",
"summary": "SUSE Bug 1259930 for CVE-2026-4426",
"url": "https://bugzilla.suse.com/1259930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T08:00:49Z",
"details": "important"
}
],
"title": "CVE-2026-4426"
},
{
"cve": "CVE-2026-5121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5121"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5121",
"url": "https://www.suse.com/security/cve/CVE-2026-5121"
},
{
"category": "external",
"summary": "SUSE Bug 1261184 for CVE-2026-5121",
"url": "https://bugzilla.suse.com/1261184"
},
{
"category": "external",
"summary": "SUSE Bug 1265940 for CVE-2026-5121",
"url": "https://bugzilla.suse.com/1265940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.aarch64",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.s390x",
"SUSE Linux Micro 6.0:libarchive13-3.6.2-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-18T08:00:49Z",
"details": "important"
}
],
"title": "CVE-2026-5121"
}
]
}
SUSE-SU-2026:22248-1
Vulnerability from csaf_suse - Published: 2026-06-22 09:04 - Updated: 2026-06-22 09:04Summary
Security update for libarchive
Severity
Important
Notes
Title of the patch: Security update for libarchive
Description of the patch: This update for libarchive fixes the following issues
- CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches (bsc#1253088).
- CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop
and DoS (bsc#1259635).
- CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing (bsc#1259928).
- CVE-2026-4426: undefined behavior due to unvalidated operand in shift expression of the zisofs decompression code
(bsc#1259931).
- CVE-2026-5121: arbitrary code execution via integer overflow in ISO9660 image processing (bsc#1261186).
Patchnames: SUSE-SLE-Micro-6.1-586
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.6 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libarchive",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libarchive fixes the following issues\n\n- CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches (bsc#1253088).\n- CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the half-window output limiter leads to infinite loop\n and DoS (bsc#1259635).\n- CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR archive processing (bsc#1259928).\n- CVE-2026-4426: undefined behavior due to unvalidated operand in shift expression of the zisofs decompression code\n (bsc#1259931).\n- CVE-2026-5121: arbitrary code execution via integer overflow in ISO9660 image processing (bsc#1261186).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-586",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22248-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22248-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622248-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22248-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047616.html"
},
{
"category": "self",
"summary": "SUSE Bug 1253088",
"url": "https://bugzilla.suse.com/1253088"
},
{
"category": "self",
"summary": "SUSE Bug 1259635",
"url": "https://bugzilla.suse.com/1259635"
},
{
"category": "self",
"summary": "SUSE Bug 1259928",
"url": "https://bugzilla.suse.com/1259928"
},
{
"category": "self",
"summary": "SUSE Bug 1259931",
"url": "https://bugzilla.suse.com/1259931"
},
{
"category": "self",
"summary": "SUSE Bug 1261186",
"url": "https://bugzilla.suse.com/1261186"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-60753 page",
"url": "https://www.suse.com/security/cve/CVE-2025-60753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4111 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4424 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4424/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-4426 page",
"url": "https://www.suse.com/security/cve/CVE-2026-4426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-5121 page",
"url": "https://www.suse.com/security/cve/CVE-2026-5121/"
}
],
"title": "Security update for libarchive",
"tracking": {
"current_release_date": "2026-06-22T09:04:46Z",
"generator": {
"date": "2026-06-22T09:04:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22248-1",
"initial_release_date": "2026-06-22T09:04:46Z",
"revision_history": [
{
"date": "2026-06-22T09:04:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"product": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"product_id": "libarchive13-3.7.4-slfo.1.1_4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"product": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"product_id": "libarchive13-3.7.4-slfo.1.1_4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"product": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"product_id": "libarchive13-3.7.4-slfo.1.1_4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libarchive13-3.7.4-slfo.1.1_4.1.x86_64",
"product": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.x86_64",
"product_id": "libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64"
},
"product_reference": "libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le"
},
"product_reference": "libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x"
},
"product_reference": "libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libarchive13-3.7.4-slfo.1.1_4.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
},
"product_reference": "libarchive13-3.7.4-slfo.1.1_4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-60753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-60753"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-60753",
"url": "https://www.suse.com/security/cve/CVE-2025-60753"
},
{
"category": "external",
"summary": "SUSE Bug 1253088 for CVE-2025-60753",
"url": "https://bugzilla.suse.com/1253088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T09:04:46Z",
"details": "moderate"
}
],
"title": "CVE-2025-60753"
},
{
"cve": "CVE-2026-4111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4111"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4111",
"url": "https://www.suse.com/security/cve/CVE-2026-4111"
},
{
"category": "external",
"summary": "SUSE Bug 1259634 for CVE-2026-4111",
"url": "https://bugzilla.suse.com/1259634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T09:04:46Z",
"details": "important"
}
],
"title": "CVE-2026-4111"
},
{
"cve": "CVE-2026-4424",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4424"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4424",
"url": "https://www.suse.com/security/cve/CVE-2026-4424"
},
{
"category": "external",
"summary": "SUSE Bug 1259927 for CVE-2026-4424",
"url": "https://bugzilla.suse.com/1259927"
},
{
"category": "external",
"summary": "SUSE Bug 1265940 for CVE-2026-4424",
"url": "https://bugzilla.suse.com/1265940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T09:04:46Z",
"details": "important"
}
],
"title": "CVE-2026-4424"
},
{
"cve": "CVE-2026-4426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-4426"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log2_bs`) read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to incorrect memory allocation and potential application crashes, resulting in a denial-of-service (DoS) condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-4426",
"url": "https://www.suse.com/security/cve/CVE-2026-4426"
},
{
"category": "external",
"summary": "SUSE Bug 1259930 for CVE-2026-4426",
"url": "https://bugzilla.suse.com/1259930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T09:04:46Z",
"details": "important"
}
],
"title": "CVE-2026-4426"
},
{
"cve": "CVE-2026-5121",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-5121"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-5121",
"url": "https://www.suse.com/security/cve/CVE-2026-5121"
},
{
"category": "external",
"summary": "SUSE Bug 1261184 for CVE-2026-5121",
"url": "https://bugzilla.suse.com/1261184"
},
{
"category": "external",
"summary": "SUSE Bug 1265940 for CVE-2026-5121",
"url": "https://bugzilla.suse.com/1265940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.aarch64",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.ppc64le",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.s390x",
"SUSE Linux Micro 6.1:libarchive13-3.7.4-slfo.1.1_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-22T09:04:46Z",
"details": "important"
}
],
"title": "CVE-2026-5121"
}
]
}
WID-SEC-W-2025-2497
Vulnerability from csaf_certbund - Published: 2025-11-05 23:00 - Updated: 2026-04-22 22:00Summary
libarchive: Schwachstelle ermöglicht Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: libarchive ist eine C Bibliothek und ein Kommandozeilen-Tool zum Lesen und Bearbeiten von tar, cpio, zip, ISO und anderen Formaten.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in libarchive ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Open Source libarchive bsdtar <3.8.1
Open Source / libarchive
|
bsdtar <3.8.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— |
References
9 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "libarchive ist eine C Bibliothek und ein Kommandozeilen-Tool zum Lesen und Bearbeiten von tar, cpio, zip, ISO und anderen Formaten.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in libarchive ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2497 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2497.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2497 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2497"
},
{
"category": "external",
"summary": "Red Hat Bugtracker vom 2025-11-05",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2412648"
},
{
"category": "external",
"summary": "libarcive GitHub vom 2025-11-05 mit PoC",
"url": "https://github.com/libarchive/libarchive/issues/2725"
},
{
"category": "external",
"summary": "libarcive GitHub Advisory vom 2025-11-05",
"url": "https://github.com/advisories/GHSA-qm3h-46xc-w7w4"
},
{
"category": "external",
"summary": "libarcive NIST Advisory vom 2025-11-05",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-60753"
},
{
"category": "external",
"summary": "GitHub vom 2025-11-05 mit PoC",
"url": "https://github.com/Papya-j/CVE/tree/main/CVE-2025-60753"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8147-1 vom 2026-04-06",
"url": "https://ubuntu.com/security/notices/USN-8147-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:8944 vom 2026-04-22",
"url": "https://access.redhat.com/errata/RHSA-2026:8944"
}
],
"source_lang": "en-US",
"title": "libarchive: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2026-04-22T22:00:00.000+00:00",
"generator": {
"date": "2026-04-23T09:29:23.311+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2497",
"initial_release_date": "2025-11-05T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-06T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-04-22T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "bsdtar \u003c3.8.1",
"product": {
"name": "Open Source libarchive bsdtar \u003c3.8.1",
"product_id": "T048329"
}
},
{
"category": "product_version",
"name": "bsdtar 3.8.1",
"product": {
"name": "Open Source libarchive bsdtar 3.8.1",
"product_id": "T048329-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libarchive:libarchive:bsdtar__3.8.1"
}
}
}
],
"category": "product_name",
"name": "libarchive"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-60753",
"product_status": {
"known_affected": [
"T048329",
"67646",
"T000126"
]
},
"release_date": "2025-11-05T23:00:00.000+00:00",
"title": "CVE-2025-60753"
}
]
}
WID-SEC-W-2025-2563
Vulnerability from csaf_certbund - Published: 2025-11-11 23:00 - Updated: 2026-05-11 22:00Summary
Microsoft Azure Linux: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Microsoft Azure Linux ist eine von Microsoft entwickelte Linux-Distribution, die für die Ausführung von Workloads in der Azure-Cloud optimiert ist.
Windows ist ein Betriebssystem von Microsoft.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Microsoft Azure Linux und Microsoft Windows ausnutzen um erhöhte Privilegien zu erlangen, beliebigen Code auszuführen, die Authentifizierung zu umgehen, Spoofing-Angriffe durchzuführen, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Betroffene Betriebssysteme: - Windows
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
Affected products
Known affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell ECS 3.8.1.0-3.8.1.7
Dell / ECS
|
cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7
|
3.8.1.0-3.8.1.7 | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0
|
azl3 nghttp2 1.61.0-2 on 3.0 | |
|
Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0
|
azl3 kubevirt 1.5.0-5 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0
|
azl3 rust 1.86.0-9 on 3.0 | |
|
Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0
|
azl3 containerd2 2.0.0-14 on 3.0 | |
|
Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0
|
azl3 rust 1.75.0-21 on 3.0 | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0
|
azl3 curl 8.11.1-4 on 3.0 | |
|
Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0
|
azl3 kernel 6.6.104.2-4 on 3.0 | |
|
Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0
|
azl3 libarchive 3.7.7-3 on 3.0 | |
|
Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0
|
azl3 runc 1.3.3-1 on 3.0 | |
|
Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0
|
azl3 libxml2 2.11.5-7 on 3.0 | |
|
Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0
|
azl3 mysql 8.0.44-2 on 3.0 | |
|
Microsoft Windows Subsystem for Linux GUI
Microsoft / Windows
|
cpe:/o:microsoft:windows:subsystem_for_linux_gui
|
Subsystem for Linux GUI | |
|
Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0
Microsoft / Azure Linux
|
cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0
|
azl3 cmake 3.30.3-10 on 3.0 |
References
9 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Microsoft Azure Linux ist eine von Microsoft entwickelte Linux-Distribution, die f\u00fcr die Ausf\u00fchrung von Workloads in der Azure-Cloud optimiert ist.\r\nWindows ist ein Betriebssystem von Microsoft.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Microsoft Azure Linux und Microsoft Windows ausnutzen um erh\u00f6hte Privilegien zu erlangen, beliebigen Code auszuf\u00fchren, die Authentifizierung zu umgehen, Spoofing-Angriffe durchzuf\u00fchren, einen Denial-of-Service-Zustand zu verursachen oder andere, nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2563 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2563.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2563 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2563"
},
{
"category": "external",
"summary": "Microsoft Leitfaden f\u00fcr Sicherheitsupdates",
"url": "https://msrc.microsoft.com/update-guide/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:4288-1 vom 2025-11-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2I3DAC5P7RIJP4M7YPNYJVIE4ZG7RSHV/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-2F6CA95A74 vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-2f6ca95a74"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-7C468696D2 vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-7c468696d2"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-D39F46567C vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-d39f46567c"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-2CA3289343 vom 2025-12-13",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-2ca3289343"
},
{
"category": "external",
"summary": "Dell Security Advisory",
"url": "https://www.dell.com/support/kbdoc/en-us/000462117/dsa-2026-047-security-update-for-dell-ecs-and-objectscale-multiple-vulnerabilities-1"
}
],
"source_lang": "en-US",
"title": "Microsoft Azure Linux: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-11T22:00:00.000+00:00",
"generator": {
"date": "2026-05-12T08:31:27.004+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2563",
"initial_release_date": "2025-11-11T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-30T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2026-05-11T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Dell aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.8.1.0-3.8.1.7",
"product": {
"name": "Dell ECS 3.8.1.0-3.8.1.7",
"product_id": "T053778",
"product_identification_helper": {
"cpe": "cpe:/h:dell:ecs:3.8.1.0_-_3.8.1.7"
}
}
}
],
"category": "product_name",
"name": "ECS"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "azl3 nghttp2 1.61.0-2 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 nghttp2 1.61.0-2 on 3.0",
"product_id": "T048506",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_nghttp2_1.61.0-2_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 libarchive 3.7.7-3 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 libarchive 3.7.7-3 on 3.0",
"product_id": "T048507",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_libarchive_3.7.7-3_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 kernel 6.6.104.2-4 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 kernel 6.6.104.2-4 on 3.0",
"product_id": "T048508",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_kernel_6.6.104.2-4_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 curl 8.11.1-4 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 curl 8.11.1-4 on 3.0",
"product_id": "T048509",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_curl_8.11.1-4_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 cmake 3.30.3-10 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 cmake 3.30.3-10 on 3.0",
"product_id": "T048510",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_cmake_3.30.3-10_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 mysql 8.0.44-2 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 mysql 8.0.44-2 on 3.0",
"product_id": "T048512",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_mysql_8.0.44-2_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 libxml2 2.11.5-7 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 libxml2 2.11.5-7 on 3.0",
"product_id": "T048513",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_libxml2_2.11.5-7_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 rust 1.75.0-21 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 rust 1.75.0-21 on 3.0",
"product_id": "T048514",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_rust_1.75.0-21_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 containerd2 2.0.0-14 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 containerd2 2.0.0-14 on 3.0",
"product_id": "T048515",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_containerd2_2.0.0-14_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 rust 1.86.0-9 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 rust 1.86.0-9 on 3.0",
"product_id": "T048516",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_rust_1.86.0-9_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 kubevirt 1.5.0-5 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 kubevirt 1.5.0-5 on 3.0",
"product_id": "T048517",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_kubevirt_1.5.0-5_on_3.0"
}
}
},
{
"category": "product_version",
"name": "azl3 runc 1.3.3-1 on 3.0",
"product": {
"name": "Microsoft Azure Linux azl3 runc 1.3.3-1 on 3.0",
"product_id": "T048518",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:azure_linux:azl3_runc_1.3.3-1_on_3.0"
}
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "Subsystem for Linux GUI",
"product": {
"name": "Microsoft Windows Subsystem for Linux GUI",
"product_id": "T048511",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows:subsystem_for_linux_gui"
}
}
}
],
"category": "product_name",
"name": "Windows"
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-10966",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-10966"
},
{
"cve": "CVE-2025-12863",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-12863"
},
{
"cve": "CVE-2025-12875",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-12875"
},
{
"cve": "CVE-2025-31133",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-31133"
},
{
"cve": "CVE-2025-40107",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-40107"
},
{
"cve": "CVE-2025-40109",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-40109"
},
{
"cve": "CVE-2025-52565",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-52565"
},
{
"cve": "CVE-2025-52881",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-52881"
},
{
"cve": "CVE-2025-60753",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-60753"
},
{
"cve": "CVE-2025-62220",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-62220"
},
{
"cve": "CVE-2025-64329",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64329"
},
{
"cve": "CVE-2025-64432",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64432"
},
{
"cve": "CVE-2025-64433",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64433"
},
{
"cve": "CVE-2025-64434",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64434"
},
{
"cve": "CVE-2025-64435",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64435"
},
{
"cve": "CVE-2025-64436",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64436"
},
{
"cve": "CVE-2025-64437",
"product_status": {
"known_affected": [
"T053778",
"74185",
"T048506",
"T048517",
"T048516",
"T048515",
"T048514",
"T002207",
"T048509",
"T048508",
"T048507",
"T048518",
"T048513",
"T048512",
"T048511",
"T048510"
]
},
"release_date": "2025-11-11T23:00:00.000+00:00",
"title": "CVE-2025-64437"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…